# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2019-1000019 |
125 |
|
DoS |
2019-02-04 |
2019-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file. |
2 |
CVE-2019-11831 |
22 |
|
Dir. Trav. Bypass |
2019-05-09 |
2021-10-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL. |
3 |
CVE-2019-11373 |
125 |
|
|
2019-04-20 |
2019-05-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. |
4 |
CVE-2019-11372 |
125 |
|
|
2019-04-20 |
2019-05-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. |
5 |
CVE-2019-11358 |
1321 |
|
|
2019-04-20 |
2022-04-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. |
6 |
CVE-2019-11065 |
|
|
|
2019-04-10 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.googleapis.com web site. |
7 |
CVE-2019-11036 |
125 |
|
|
2019-05-03 |
2020-10-02 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash. |
8 |
CVE-2019-10906 |
|
|
|
2019-04-07 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. |
9 |
CVE-2019-9917 |
20 |
|
DoS |
2019-03-27 |
2019-06-15 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding. |
10 |
CVE-2019-9898 |
327 |
|
|
2019-03-21 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. |
11 |
CVE-2019-9897 |
20 |
|
|
2019-03-21 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. |
12 |
CVE-2019-9895 |
119 |
|
Overflow |
2019-03-21 |
2019-04-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. |
13 |
CVE-2019-9894 |
320 |
|
|
2019-03-21 |
2019-04-26 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. |
14 |
CVE-2019-9658 |
611 |
|
|
2019-03-11 |
2020-10-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Checkstyle before 8.18 loads external DTDs by default. |
15 |
CVE-2019-9636 |
|
|
|
2019-03-08 |
2020-10-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. |
16 |
CVE-2019-9631 |
125 |
|
|
2019-03-08 |
2020-07-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. |
17 |
CVE-2019-9499 |
287 |
|
|
2019-04-17 |
2020-10-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. |
18 |
CVE-2019-9498 |
287 |
|
|
2019-04-17 |
2020-10-22 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. |
19 |
CVE-2019-9497 |
287 |
|
|
2019-04-17 |
2019-05-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. |
20 |
CVE-2019-9496 |
287 |
|
DoS |
2019-04-17 |
2019-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. |
21 |
CVE-2019-9495 |
203 |
|
|
2019-04-17 |
2021-11-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. |
22 |
CVE-2019-9494 |
203 |
|
+Info |
2019-04-17 |
2021-11-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. |
23 |
CVE-2019-8936 |
476 |
|
|
2019-05-15 |
2020-10-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
NTP through 4.2.8p12 has a NULL Pointer Dereference. |
24 |
CVE-2019-8381 |
119 |
|
DoS Overflow |
2019-02-17 |
2022-04-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
25 |
CVE-2019-8377 |
476 |
|
DoS |
2019-02-17 |
2022-04-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
26 |
CVE-2019-8376 |
476 |
|
DoS |
2019-02-17 |
2022-04-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. |
27 |
CVE-2019-7639 |
863 |
|
|
2019-02-08 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file. |
28 |
CVE-2019-7577 |
125 |
|
|
2019-02-07 |
2021-11-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c. |
29 |
CVE-2019-7443 |
20 |
|
|
2019-05-07 |
2019-05-10 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability. |
30 |
CVE-2019-7310 |
125 |
|
DoS |
2019-02-03 |
2022-05-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. |
31 |
CVE-2019-7222 |
|
|
+Info |
2019-03-21 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. |
32 |
CVE-2019-7221 |
416 |
|
|
2019-03-21 |
2020-10-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. |
33 |
CVE-2019-6975 |
770 |
|
|
2019-02-11 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. |
34 |
CVE-2019-6341 |
79 |
|
XSS |
2019-03-26 |
2019-05-16 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability. |
35 |
CVE-2019-6251 |
|
|
|
2019-01-14 |
2020-08-24 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. |
36 |
CVE-2019-6116 |
|
|
Exec Code |
2019-03-21 |
2020-08-24 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. |
37 |
CVE-2019-5885 |
320 |
|
|
2019-03-21 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. |
38 |
CVE-2019-3880 |
22 |
|
Dir. Trav. |
2019-04-09 |
2019-05-27 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share. Versions before 4.8.11, 4.9.6 and 4.10.2 are vulnerable. |
39 |
CVE-2019-3871 |
20 |
|
DoS |
2019-03-21 |
2019-04-05 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response |
40 |
CVE-2019-3859 |
125 |
|
DoS |
2019-03-21 |
2019-07-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. |
41 |
CVE-2019-3857 |
787 |
|
Exec Code Overflow |
2019-03-25 |
2020-10-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. |
42 |
CVE-2019-3856 |
787 |
|
Exec Code Overflow |
2019-03-25 |
2020-10-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. |
43 |
CVE-2019-3855 |
787 |
|
Exec Code Overflow |
2019-03-21 |
2020-10-15 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. |
44 |
CVE-2019-3838 |
|
|
|
2019-03-25 |
2020-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
45 |
CVE-2019-3836 |
824 |
|
|
2019-04-01 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages. |
46 |
CVE-2019-3835 |
862 |
|
|
2019-03-25 |
2020-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. |
47 |
CVE-2019-3833 |
835 |
|
DoS |
2019-03-14 |
2020-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server. |
48 |
CVE-2019-3816 |
22 |
|
Dir. Trav. |
2019-03-14 |
2021-11-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server. |
49 |
CVE-2019-3500 |
532 |
|
+Info |
2019-01-02 |
2022-04-06 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. |
50 |
CVE-2019-3498 |
20 |
|
|
2019-01-09 |
2021-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. |