2019 CVE Vulnerabilities
17,618 CVEs published in 2019.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-25763 | CRITICAL | 9.3 | 0.4% | Jun 20, 2026 | WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attacke... |
| CVE-2019-25741 | CRITICAL | 9.3 | 0.6% | Jun 4, 2026 | Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the usernam... |
| CVE-2019-25738 | CRITICAL | 9.3 | 0.3% | Jun 4, 2026 | WordPress Hybrid Composer 1.4.6 contains an unauthenticated settings change vulnerability that allows unauthenticated at... |
| CVE-2019-25729 | CRITICAL | 9.3 | 0.3% | Jun 4, 2026 | PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute ... |
| CVE-2019-25727 | CRITICAL | 9.3 | 0.5% | Jun 4, 2026 | WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated atta... |
| CVE-2019-25714 | CRITICAL | 9.3 | 0.7% | Apr 21, 2026 | Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint th... |
| CVE-2019-25709 | CRITICAL | 9.3 | 0.6% | Apr 12, 2026 | CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by access... |
| CVE-2019-25687 | CRITICAL | 9.3 | 1.4% | Apr 5, 2026 | Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticate... |
| CVE-2019-25651 | CRITICAL | 9 | 0.1% | Mar 27, 2026 | Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP... |
| CVE-2019-25646 | CRITICAL | 9.3 | 0.9% | Mar 24, 2026 | Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attack... |
| CVE-2019-25628 | CRITICAL | 9.3 | 0.8% | Mar 24, 2026 | Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows... |
| CVE-2019-25614 | CRITICAL | 9.3 | 0.9% | Mar 22, 2026 | Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to ... |
| CVE-2019-25568 | CRITICAL | 9.3 | 0.3% | Mar 21, 2026 | Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileg... |
| CVE-2019-25487 | CRITICAL | 9.3 | 8.4% | Mar 11, 2026 | SAPIDO RB-1732 V2.0.43 contains a remote command execution vulnerability that allows unauthenticated attackers to execut... |
| CVE-2019-25471 | CRITICAL | 9.3 | 0.9% | Mar 11, 2026 | FileThingie 2.5.7 contains an arbitrary file upload vulnerability that allows attackers to upload malicious files by sen... |
| CVE-2019-25468 | CRITICAL | 9.3 | 0.8% | Mar 11, 2026 | NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute ... |
| CVE-2019-25441 | CRITICAL | 9.3 | 8.5% | Feb 20, 2026 | thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary syst... |
| CVE-2019-25364 | CRITICAL | 9.3 | 0.8% | Feb 18, 2026 | MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 USER command that allows remote attackers to execu... |
| CVE-2019-25362 | CRITICAL | 9.3 | 0.7% | Feb 18, 2026 | WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow vulnerability that allows attackers to execute arb... |
| CVE-2019-25322 | CRITICAL | 9.3 | 0.3% | Feb 12, 2026 | Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable a... |
| CVE-2019-25296 | CRITICAL | 9.8 | 0.6% | Jan 8, 2026 | The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file typ... |
| CVE-2019-25291 | CRITICAL | 9.3 | 0.4% | Jan 8, 2026 | INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that ca... |
| CVE-2019-25278 | CRITICAL | 9.1 | 0.3% | Jan 8, 2026 | FaceSentry Access Control System 6.4.8 contains a cleartext transmission vulnerability that allows remote attackers to i... |
| CVE-2019-25241 | CRITICAL | 9.8 | 0.7% | Dec 24, 2025 | FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials ... |
| CVE-2019-19144 | CRITICAL | 9.8 | 0.7% | Aug 1, 2025 | XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53631 Build304) devices via rest/Users?act... |
Check if your code is affected by 2019 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now