2019 CVE Vulnerabilities
17,618 CVEs published in 2019.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-10450 | LOW | 3.3 | 0.2% | Oct 16, 2019 | Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins m... |
| CVE-2019-4265 | LOW | 2.4 | 0.4% | Oct 10, 2019 | IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker... |
| CVE-2019-17401 | LOW | 3.3 | 0.4% | Oct 9, 2019 | libyal liblnk 20191006 has a heap-based buffer over-read in the network_share_name_offset>20 code block of liblnk_locati... |
| CVE-2019-17264 | LOW | 3.3 | 0.4% | Oct 6, 2019 | In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-base... |
| CVE-2019-17263 | LOW | 3.3 | 0.5% | Oct 6, 2019 | In libyal libfwsi before 20191006, libfwsi_extension_block_copy_from_byte_stream in libfwsi_extension_block.c has a heap... |
| CVE-2019-17056 | LOW | 3.3 | 0.6% | Oct 1, 2019 | llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce ... |
| CVE-2019-17055 | LOW | 3.3 | 0.5% | Oct 1, 2019 | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not... |
| CVE-2019-17054 | LOW | 3.3 | 0.5% | Oct 1, 2019 | atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforc... |
| CVE-2019-17053 | LOW | 3.3 | 0.5% | Oct 1, 2019 | ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does ... |
| CVE-2019-17052 | LOW | 3.3 | 0.6% | Oct 1, 2019 | ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce ... |
| CVE-2019-10433 | LOW | 3.3 | 0.4% | Oct 1, 2019 | Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can ... |
| CVE-2019-3729 | LOW | 2.4 | 0.4% | Sep 30, 2019 | RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Bu... |
| CVE-2019-4112 | LOW | 3.3 | 0.3% | Sep 30, 2019 | IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on... |
| CVE-2019-9440 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In AOSP Email, there is a possible information disclosure due to a confused deputy. This could lead to local disclosure ... |
| CVE-2019-9438 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In the Package Manager service, there is a possible information disclosure due to a confused deputy. This could lead to ... |
| CVE-2019-9377 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each ... |
| CVE-2019-9364 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to lo... |
| CVE-2019-9351 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each ... |
| CVE-2019-9292 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In the Activity Manager service, there is a possible information disclosure due to a confused deputy. This could lead to... |
| CVE-2019-9280 | LOW | 3.3 | 0.1% | Sep 27, 2019 | In keyguard, there is a possible escalation of privilege due to improper permission checks. This could lead to a local b... |
| CVE-2019-9277 | LOW | 3.3 | 0.2% | Sep 27, 2019 | In the proc filesystem, there is a possible information disclosure due to log information disclosure. This could lead to... |
| CVE-2019-11743 | LOW | 3.7 | 1.8% | Sep 27, 2019 | Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances... |
| CVE-2019-12617 | LOW | 2.7 | 0.9% | Sep 26, 2019 | In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pol... |
| CVE-2019-12068 | LOW | 3.8 | 0.5% | Sep 24, 2019 | In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-1... |
| CVE-2019-4271 | LOW | 3.5 | 0.8% | Sep 17, 2019 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter poll... |
Check if your code is affected by 2019 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now