Max CVSS 9.3 Min CVSS 4.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-5736 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
02-02-2024 - 12:15 11-02-2019 - 19:29
CVE-2019-3816 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp
12-02-2023 - 23:38 14-03-2019 - 22:29
CVE-2019-9636 5.0
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a
25-07-2022 - 18:15 08-03-2019 - 21:29
CVE-2019-6454 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
20-02-2022 - 06:08 21-03-2019 - 16:01
CVE-2019-7548 6.8
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
30-11-2021 - 19:52 06-02-2019 - 21:29
CVE-2019-0215 6.0
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
06-06-2021 - 11:15 08-04-2019 - 20:29
CVE-2019-3839 6.8
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o
15-10-2020 - 14:31 16-05-2019 - 19:29
CVE-2019-9813 6.8
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
24-08-2020 - 17:37 26-04-2019 - 17:29
CVE-2019-5953 7.5
Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.
24-08-2020 - 17:37 17-05-2019 - 16:29
CVE-2018-12180 6.8
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
03-10-2019 - 00:03 27-03-2019 - 20:29
CVE-2016-10745 5.0
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
06-06-2019 - 16:29 08-04-2019 - 13:29
CVE-2019-10063 6.8
Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could other
13-05-2019 - 10:29 26-03-2019 - 14:29
CVE-2019-3878 6.8
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers tha
07-05-2019 - 09:29 26-03-2019 - 18:29
Back to Top Mark selected
Back to Top