CVEs from 2019
Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%
Top products
- u-boot 20
- nsauditor 1
- crypto 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-13345 | medium | — | 5.5 | 7y ago | Moderate: squid:4 security and bug fix update | |
| CVE-2019-9740 | medium | — | 5.5 | 7y ago | Moderate: python27:2.7 security and bug fix update | |
| CVE-2019-9947 | medium | — | 5.5 | 7y ago | Moderate: python27:2.7 security and bug fix update | |
| CVE-2019-9948 | medium | — | 5.5 | 7y ago | Moderate: python27:2.7 security and bug fix update | |
| CVE-2019-16942 | medium | — | 5.5 | 7y ago | Polymorphic Typing in FasterXML jackson-databind | |
| CVE-2019-16335 | medium | — | 5.5 | 7y ago | Polymorphic Typing issue in FasterXML jackson-databind | |
| CVE-2019-14540 | medium | — | 5.5 | 7y ago | Polymorphic Typing issue in FasterXML jackson-databind | |
| CVE-2019-6978 | medium | — | 5.5 | 7y ago | Moderate: gd security update | |
| CVE-2019-10747 | medium | — | 5.5 | 7y ago | Moderate: nodejs:12 security update | |
| CVE-2019-10746 | medium | — | 5.5 | 7y ago | Moderate: nodejs:12 security update | |
| CVE-2019-14234 | medium | — | 5.5 | 7y ago | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.… | |
| CVE-2019-2628 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2537 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2627 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2740 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2758 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2737 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2805 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2614 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-2739 | medium | — | 5.5 | 7y ago | Moderate: mariadb:10.3 security and bug fix update | |
| CVE-2019-14233 | medium | — | 5.5 | 7y ago | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremel… | |
| CVE-2019-14235 | medium | — | 5.5 | 7y ago | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage… | |
| CVE-2019-14232 | medium | — | 5.5 | 7y ago | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, … | |
| CVE-2019-13114 | medium | — | 5.5 | 7y ago | Moderate: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-12308 | medium | — | 5.5 | 7y ago | An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without… | |
| CVE-2019-11324 | medium | — | 5.5 | 7y ago | Moderate: python27:2.7 security, bug fix, and enhancement update | |
| CVE-2019-11358 | medium | — | 5.5 | 7y ago | XSS in jQuery as used in Drupal, Backdrop CMS, and other products | |
| CVE-2019-7164 | medium | — | 5.5 | 7y ago | Moderate: python36:3.6 security update | |
| CVE-2019-7548 | medium | — | 5.5 | 7y ago | Moderate: python36:3.6 security update | |
| CVE-2019-8331 | medium | — | 5.5 | 7y ago | Bootstrap Vulnerable to Cross-Site Scripting | |
| CVE-2019-6975 | medium | — | 5.5 | 7y ago | Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() func… | |
| CVE-2019-3498 | medium | — | 5.5 | 8y ago | In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defa… | |
| CVE-2019-3881 | medium | — | 5.5 | 8y ago | Moderate: ruby:2.6 security, bug fix, and enhancement update | |
| CVE-2019-8506 | low | — | 4.0 | 4y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-16167 | low | — | 2.5 | — | sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. | |
| CVE-2019-7310 | low | — | 2.5 | — | In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash… | |
| CVE-2019-7317 | low | — | 2.5 | — | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. | |
| CVE-2019-1543 | low | — | 2.5 | — | ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a vari… | |
| CVE-2019-5882 | low | — | 2.5 | — | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | |
| CVE-2019-7653 | low | — | 2.5 | — | The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in th… | |
| CVE-2019-20838 | low | — | 2.5 | 5y ago | Low: pcre security update | |
| CVE-2019-17402 | low | — | 2.5 | 5y ago | Low: exiv2 security, bug fix, and enhancement update | |
| CVE-2019-2708 | low | — | 2.5 | 5y ago | Low: libdb security update | |
| CVE-2019-14494 | low | — | 2.5 | 6y ago | Low: poppler security update | |
| CVE-2019-15165 | low | — | 2.5 | 6y ago | Low: libpcap security, bug fix, and enhancement update | |
| CVE-2019-1010305 | low | — | 2.5 | 6y ago | Low: libmspack security and bug fix update | |
| CVE-2019-13045 | low | — | 2.5 | 6y ago | Low: irssi security update | |
| CVE-2019-1010315 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2019-1010319 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2019-11498 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2019-1010317 | low | — | 2.5 | 6y ago | Low: wavpack security update | |
| CVE-2019-19118 | low | — | 2.5 | 7y ago | Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but ed… | |
| CVE-2019-8536 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8689 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8687 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8558 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-6237 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8544 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8735 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8571 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-11070 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8666 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8607 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8523 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8676 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8596 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-3820 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8587 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8686 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-11459 | low | — | 2.5 | 7y ago | The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to u… | |
| CVE-2019-8672 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8677 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8551 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-6251 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8524 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-12795 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8679 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8622 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8619 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8615 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8610 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8608 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8623 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8673 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8518 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8726 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8559 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8563 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8671 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8594 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8609 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8586 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8601 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8681 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8584 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8583 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8597 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8595 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8768 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update | |
| CVE-2019-8690 | low | — | 2.5 | 7y ago | Low: GNOME security, bug fix, and enhancement update |