CVEs from 2019
Total
3,413
critical
critical 232
high
high 332
medium
medium 301
low
low 72
% Critical
6.8%
% with KEV
3.5%
% with exploit
3.5%
Top products
- u-boot 20
- nsauditor 1
- crypto 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2019-13720 | critical | — | 10.0 | 4y ago | arbitrary code execution in chromium | |
| CVE-2019-11707 | critical | — | 10.0 | 4y ago | Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash. | |
| CVE-2019-11043 | critical | — | 10.0 | 4y ago | Critical: php:7.2 security update | |
| CVE-2019-16928 | critical | — | 10.0 | 4y ago | Exim contains an out-of-bounds write vulnerability which can allow for remote code execution. | |
| CVE-2019-10149 | critical | — | 10.0 | 4y ago | Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. | |
| CVE-2019-17026 | critical | — | 10.0 | 5y ago | Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMonkey JIT compiler when setting array elements. | |
| CVE-2019-0211 | critical | — | 10.0 | 5y ago | Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute c… | |
| CVE-2019-14204 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. | |
| CVE-2019-14203 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. | |
| CVE-2019-14202 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. | |
| CVE-2019-14201 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. | |
| CVE-2019-14200 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. | |
| CVE-2019-14199 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. | |
| CVE-2019-14198 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. | |
| CVE-2019-14196 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. | |
| CVE-2019-14195 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. | |
| CVE-2019-14194 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. | |
| CVE-2019-14193 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | |
| CVE-2019-14192 | critical | 9.8 | 9.8 | 7y ago | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. | |
| CVE-2019-13738 | critical | — | 9.5 | — | Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |
| CVE-2019-17000 | critical | — | 9.5 | — | An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URI… | |
| CVE-2019-13732 | critical | — | 9.5 | — | Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-9807 | critical | — | 9.5 | — | When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for soc… | |
| CVE-2019-9956 | critical | — | 9.5 | — | In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted i… | |
| CVE-2019-9796 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is lat… | |
| CVE-2019-13749 | critical | — | 9.5 | — | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2019-8942 | critical | — | 9.5 | — | WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php su… | |
| CVE-2019-0220 | critical | — | 9.5 | — | multiple issues in apache | |
| CVE-2019-5781 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11717 | critical | — | 9.5 | — | A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vuln… | |
| CVE-2019-3860 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial … | |
| CVE-2019-13767 | critical | — | 9.5 | — | Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-13757 | critical | — | 9.5 | — | Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |
| CVE-2019-13763 | critical | — | 9.5 | — | Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |
| CVE-2019-9802 | critical | — | 9.5 | — | If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome pr… | |
| CVE-2019-13734 | critical | — | 9.5 | — | Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-7733 | critical | — | 9.5 | — | multiple issues in live-media | |
| CVE-2019-13736 | critical | — | 9.5 | — | Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |
| CVE-2019-3857 | critical | — | 9.5 | — | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker… | |
| CVE-2019-8912 | critical | — | 9.5 | — | In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. | |
| CVE-2019-6974 | critical | — | 9.5 | — | In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | |
| CVE-2019-3859 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to … | |
| CVE-2019-11691 | critical | — | 9.5 | — | A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially explo… | |
| CVE-2019-11745 | critical | — | 9.5 | — | When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and… | |
| CVE-2019-3836 | critical | — | 9.5 | — | It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages. | |
| CVE-2019-3863 | critical | — | 9.5 | — | A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than uns… | |
| CVE-2019-17013 | critical | — | 9.5 | — | Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… | |
| CVE-2019-9817 | critical | — | 9.5 | — | Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerabi… | |
| CVE-2019-3856 | critical | — | 9.5 | — | An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH se… | |
| CVE-2019-11763 | critical | — | 9.5 | — | Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could… | |
| CVE-2019-11730 | critical | — | 9.5 | — | A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. … | |
| CVE-2019-3813 | critical | — | 9.5 | — | Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-executi… | |
| CVE-2019-3861 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH… | |
| CVE-2019-13728 | critical | — | 9.5 | — | Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-13754 | critical | — | 9.5 | — | Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |
| CVE-2019-13759 | critical | — | 9.5 | — | Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |
| CVE-2019-17017 | critical | — | 9.5 | — | Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. Thi… | |
| CVE-2019-13761 | critical | — | 9.5 | — | Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |
| CVE-2019-9797 | critical | — | 9.5 | — | Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a can… | |
| CVE-2019-11713 | critical | — | 9.5 | — | A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.… | |
| CVE-2019-3862 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a… | |
| CVE-2019-11759 | critical | — | 9.5 | — | An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a c… | |
| CVE-2019-18511 | critical | — | 9.5 | — | multiple issues in thunderbird | |
| CVE-2019-0215 | critical | — | 9.5 | — | multiple issues in apache | |
| CVE-2019-11762 | critical | — | 9.5 | — | If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulner… | |
| CVE-2019-11712 | critical | — | 9.5 | — | POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) a… | |
| CVE-2019-13745 | critical | — | 9.5 | — | Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2019-11765 | critical | — | 9.5 | — | A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process… | |
| CVE-2019-17016 | critical | — | 9.5 | — | When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites re… | |
| CVE-2019-17024 | critical | — | 9.5 | — | Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these… | |
| CVE-2019-7222 | critical | — | 9.5 | — | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | |
| CVE-2019-13748 | critical | — | 9.5 | — | Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML p… | |
| CVE-2019-11719 | critical | — | 9.5 | — | When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to inf… | |
| CVE-2019-13755 | critical | — | 9.5 | — | Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page. | |
| CVE-2019-17020 | critical | — | 9.5 | — | If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL … | |
| CVE-2019-3855 | critical | — | 9.5 | — | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server … | |
| CVE-2019-17666 | critical | — | 9.5 | — | rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. | |
| CVE-2019-11760 | critical | — | 9.5 | — | A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderb… | |
| CVE-2019-3858 | critical | — | 9.5 | — | An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause… | |
| CVE-2019-11757 | critical | — | 9.5 | — | When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitabl… | |
| CVE-2019-9788 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we pres… | |
| CVE-2019-9809 | critical | — | 9.5 | — | If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These mess… | |
| CVE-2019-13756 | critical | — | 9.5 | — | Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |
| CVE-2019-13740 | critical | — | 9.5 | — | Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |
| CVE-2019-17009 | critical | — | 9.5 | — | When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the up… | |
| CVE-2019-17008 | critical | — | 9.5 | — | When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3,… | |
| CVE-2019-7314 | critical | — | 9.5 | — | multiple issues in live-media | |
| CVE-2019-17010 | critical | — | 9.5 | — | Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.… | |
| CVE-2019-5772 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11721 | critical | — | 9.5 | — | The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confus… | |
| CVE-2019-5769 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-5813 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-9814 | critical | — | 9.5 | — | Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of… | |
| CVE-2019-9821 | critical | — | 9.5 | — | A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67. | |
| CVE-2019-11723 | critical | — | 9.5 | — | A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across dif… | |
| CVE-2019-5837 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-11720 | critical | — | 9.5 | — | Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-si… | |
| CVE-2019-11716 | critical | — | 9.5 | — | Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNames(window). Sites that deploy a sandboxing that depen… | |
| CVE-2019-5819 | critical | — | 9.5 | — | multiple issues in chromium | |
| CVE-2019-13739 | critical | — | 9.5 | — | Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |