2019 CVE Vulnerabilities
17,618 CVEs published in 2019.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-4575 | CRITICAL | 9.8 | 1.1% | Jun 15, 2022 | IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injec... |
| CVE-2019-25065 | CRITICAL | 9.8 | 6.6% | Jun 9, 2022 | A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown ... |
| CVE-2019-12351 | CRITICAL | 9.8 | 1.4% | Jun 2, 2022 | An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_print.php via an id parameter value with a trailing... |
| CVE-2019-12350 | CRITICAL | 9.8 | 1.4% | Jun 2, 2022 | An issue was discovered in zzcms 2019. SQL Injection exists in dl/dl_download.php via an id parameter value with a trail... |
| CVE-2019-12349 | CRITICAL | 9.8 | 1.4% | Jun 2, 2022 | An issue was discovered in zzcms 2019. SQL Injection exists in /admin/dl_sendsms.php via the id parameter. |
| CVE-2019-12254 | CRITICAL | 9.8 | 1.2% | May 6, 2022 | In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn't properly restrict access to a... |
| CVE-2019-9564 | CRITICAL | 9.8 | 1.4% | Mar 30, 2022 | A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and co... |
| CVE-2019-12266 | CRITICAL | 9.8 | 1.2% | Mar 30, 2022 | Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on... |
| CVE-2019-20082 | CRITICAL | 9.8 | 2.0% | Dec 28, 2021 | ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LA... |
| CVE-2019-8703 | CRITICAL | 9.8 | 1.4% | Dec 23, 2021 | This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iO... |
| CVE-2019-8643 | CRITICAL | 9.8 | 1.1% | Dec 23, 2021 | CVE-2019-8643: Arun Sharma of VMWare This issue is fixed in macOS Mojave 10.14. Description: A logic issue was addressed... |
| CVE-2019-16240 | CRITICAL | 9.1 | 1.3% | Nov 9, 2021 | A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide... |
| CVE-2019-19810 | CRITICAL | 10 | 4.9% | Oct 28, 2021 | Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A... |
| CVE-2019-6288 | CRITICAL | 9.8 | 3.0% | Sep 22, 2021 | Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /E... |
| CVE-2019-10095 | CRITICAL | 9.8 | 5.5% | Sep 2, 2021 | bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpre... |
| CVE-2019-25052 | CRITICAL | 9.1 | 0.9% | Aug 11, 2021 | In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptogr... |
| CVE-2019-20467 | CRITICAL | 9.8 | 3.7% | Jul 22, 2021 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a... |
| CVE-2019-18906 | CRITICAL | 9.8 | 1.1% | Jun 30, 2021 | A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server ... |
| CVE-2019-25029 | CRITICAL | 9.8 | 2.7% | May 26, 2021 | In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host o... |
| CVE-2019-12348 | CRITICAL | 9.8 | 1.7% | May 24, 2021 | An issue was discovered in zzcms 2019. SQL Injection exists in user/ztconfig.php via the daohang or img POST parameter. |
| CVE-2019-25042 | CRITICAL | 9.8 | 2.0% | Apr 27, 2021 | Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that t... |
| CVE-2019-25039 | CRITICAL | 9.8 | 2.0% | Apr 27, 2021 | Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that... |
| CVE-2019-25038 | CRITICAL | 9.8 | 2.0% | Apr 27, 2021 | Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. NOTE: The vendor disputes ... |
| CVE-2019-25035 | CRITICAL | 9.8 | 2.0% | Apr 27, 2021 | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. NOTE: The vendor disputes that this is a vul... |
| CVE-2019-25034 | CRITICAL | 9.8 | 2.0% | Apr 27, 2021 | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. N... |
Check if your code is affected by 2019 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now