2019 CVE Vulnerabilities
17,618 CVEs published in 2019.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-20853 | CRITICAL | 9.8 | 2.2% | Jun 19, 2020 | An issue was discovered in Mattermost Packages before 5.16.3. A Droplet could allow Internet access to a service that ha... |
| CVE-2019-20851 | CRITICAL | 9.1 | 1.4% | Jun 19, 2020 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. An attacker can use directory traversal with the Video ... |
| CVE-2019-4576 | CRITICAL | 9.8 | 1.3% | Jun 10, 2020 | IBM QRadar Network Packet Capture 7.3.0 - 7.3.3 Patch 1 and 7.4.0 GA does not require that users should have strong pass... |
| CVE-2019-20830 | CRITICAL | 9.8 | 1.7% | Jun 4, 2020 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer ... |
| CVE-2019-20827 | CRITICAL | 9.8 | 1.7% | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption bec... |
| CVE-2019-20825 | CRITICAL | 9.8 | 1.1% | Jun 4, 2020 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used. |
| CVE-2019-20822 | CRITICAL | 9.8 | 1.1% | Jun 4, 2020 | An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It has an out-of-bound... |
| CVE-2019-6342 | CRITICAL | 9.8 | 1.6% | May 28, 2020 | An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be m... |
| CVE-2019-5997 | CRITICAL | 9.8 | 1.7% | May 20, 2020 | Video Insight VMS versions prior to 7.6.1 allow remote attackers to conduct code injection attacks via unspecified vecto... |
| CVE-2019-7247 | CRITICAL | 9.8 | 2.1% | May 18, 2020 | An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL ... |
| CVE-2019-20800 | CRITICAL | 9.8 | 2.1% | May 18, 2020 | In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in... |
| CVE-2019-18666 | CRITICAL | 9.8 | 3.2% | May 15, 2020 | An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without autho... |
| CVE-2019-17562 | CRITICAL | 9.8 | 2.9% | May 14, 2020 | A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all vers... |
| CVE-2019-13022 | CRITICAL | 9.8 | 1.3% | May 14, 2020 | Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorit... |
| CVE-2019-15880 | CRITICAL | 9.8 | 1.5% | May 13, 2020 | In FreeBSD 12.1-STABLE before r356911, and 12.1-RELEASE before p5, insufficient checking in the cryptodev module allocat... |
| CVE-2019-18869 | CRITICAL | 9.8 | 1.3% | May 7, 2020 | Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /defau... |
| CVE-2019-18868 | CRITICAL | 9.8 | 0.8% | May 7, 2020 | Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext i... |
| CVE-2019-19169 | CRITICAL | 9.8 | 1.6% | May 6, 2020 | Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download ... |
| CVE-2019-19168 | CRITICAL | 9.8 | 1.6% | May 6, 2020 | Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download ... |
| CVE-2019-19167 | CRITICAL | 9.8 | 0.7% | May 6, 2020 | Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method support... |
| CVE-2019-5623 | CRITICAL | 9.8 | 1.6% | Apr 29, 2020 | Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Spe... |
| CVE-2019-5622 | CRITICAL | 9.8 | 1.1% | Apr 29, 2020 | Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials... |
| CVE-2019-5620 | CRITICAL | 9.8 | 70.1% | Apr 29, 2020 | ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. |
| CVE-2019-5619 | CRITICAL | 9.8 | 4.7% | Apr 29, 2020 | AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow. |
| CVE-2019-5614 | CRITICAL | 9.8 | 1.3% | Apr 29, 2020 | In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE... |
Check if your code is affected by 2019 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now