| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2019-20000 | The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables... | E | |
| CVE-2019-20001 | An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that al... | | |
| CVE-2019-20002 | Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provide... | | |
| CVE-2019-20003 | Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Dis... | E | |
| CVE-2019-20004 | An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is cha... | | |
| CVE-2019-20005 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a cra... | E | |
| CVE-2019-20006 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer... | E | |
| CVE-2019-20007 | An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a c... | E | |
| CVE-2019-20008 | In Archery before 1.3, inserting an XSS payload into a project name (either by creating a new projec... | E | |
| CVE-2019-20009 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessi... | E S | |
| CVE-2019-20010 | An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector ... | E | |
| CVE-2019-20011 | An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R... | E | |
| CVE-2019-20012 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memo... | E | |
| CVE-2019-20013 | An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessi... | E S | |
| CVE-2019-20014 | An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.... | E S | |
| CVE-2019-20015 | An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memo... | E | |
| CVE-2019-20016 | libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by ... | E S | |
| CVE-2019-20017 | A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.... | E | |
| CVE-2019-20018 | A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.... | E | |
| CVE-2019-20019 | An attempted excessive memory allocation was discovered in Mat_VarRead5 in mat5.c in matio 1.5.17.... | E | |
| CVE-2019-20020 | A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.... | E | |
| CVE-2019-20021 | A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Ma... | E | |
| CVE-2019-20022 | An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8... | E | |
| CVE-2019-20023 | A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.... | E | |
| CVE-2019-20024 | A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before... | E | |
| CVE-2019-20025 | Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a ... | | |
| CVE-2019-20026 | The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote att... | | |
| CVE-2019-20027 | Aspire-derived NEC PBXes, including the SV8100, SV9100, SL1100 and SL2100 with software releases 7.0... | | |
| CVE-2019-20028 | Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100... | | |
| CVE-2019-20029 | An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-deriv... | | |
| CVE-2019-20030 | An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH t... | | |
| CVE-2019-20031 | NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permi... | | |
| CVE-2019-20032 | An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on As... | | |
| CVE-2019-20033 | On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static l... | | |
| CVE-2019-20041 | wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 mishandles the HTML5 colon na... | S | |
| CVE-2019-20042 | In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be ... | S | |
| CVE-2019-20043 | In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, a... | S | |
| CVE-2019-20044 | In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIV... | | |
| CVE-2019-20045 | The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware ... | | |
| CVE-2019-20046 | The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware ... | | |
| CVE-2019-20047 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and 8770 devices before 4.1.2. An ... | E | |
| CVE-2019-20048 | An issue was discovered on Alcatel-Lucent OmniVista 8770 devices before 4.1.2. An authenticated remo... | E S | |
| CVE-2019-20049 | An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker ... | E | |
| CVE-2019-20050 | Pandora FMS ≤ 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability,... | E | |
| CVE-2019-20051 | A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The... | E | |
| CVE-2019-20052 | A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not ... | E | |
| CVE-2019-20053 | An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX ... | E | |
| CVE-2019-20054 | In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/p... | S | |
| CVE-2019-20055 | LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substring followed by a URL in square... | E | |
| CVE-2019-20056 | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertio... | E | |
| CVE-2019-20057 | com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier a... | | |
| CVE-2019-20058 | Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS because unsanitized search?search= input is ... | E | |
| CVE-2019-20059 | payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 dir... | E | |
| CVE-2019-20060 | MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If thi... | | |
| CVE-2019-20061 | The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5.4 may leak the (system-picked... | | |
| CVE-2019-20062 | MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a lea... | | |
| CVE-2019-20063 | hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by myso... | E | |
| CVE-2019-20070 | On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field... | E | |
| CVE-2019-20071 | On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete all logs.... | E | |
| CVE-2019-20072 | On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configurat... | E | |
| CVE-2019-20073 | On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Con... | E | |
| CVE-2019-20074 | On Netis DL4323 devices, any user role can view sensitive information, such as a user password or th... | | |
| CVE-2019-20075 | On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 Diagnostic).... | E | |
| CVE-2019-20076 | On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the... | E | |
| CVE-2019-20077 | The Typesetter CMS 5.1 logout functionality is affected by a CSRF vulnerability. The logout function... | | |
| CVE-2019-20079 | The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.... | S | |
| CVE-2019-20082 | ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x para... | E | |
| CVE-2019-20085 | TVT NVMS-1000 devices allow GET /.. Directory Traversal... | KEV E | |
| CVE-2019-20086 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.... | E | |
| CVE-2019-20087 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for ... | E | |
| CVE-2019-20088 | GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c.... | E | |
| CVE-2019-20089 | GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for... | E | |
| CVE-2019-20090 | An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Cor... | E | |
| CVE-2019-20091 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::Ge... | E | |
| CVE-2019-20092 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::Ge... | E | |
| CVE-2019-20093 | The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers... | E | |
| CVE-2019-20094 | An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif... | E | |
| CVE-2019-20095 | mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 h... | | |
| CVE-2019-20096 | In the Linux kernel before 5.1, there is a memory leak in __feat_register_sp() in net/dccp/feat.c, w... | S | |
| CVE-2019-20097 | Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version... | S | |
| CVE-2019-20098 | The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before ve... | E | |
| CVE-2019-20099 | The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before ver... | E | |
| CVE-2019-20100 | The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The follo... | E | |
| CVE-2019-20101 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view ... | | |
| CVE-2019-20102 | The attachment-uploading feature in Atlassian Confluence Server from version 6.14.0 through version ... | | |
| CVE-2019-20104 | The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before... | E | |
| CVE-2019-20105 | The EditApplinkServlet resource in the Atlassian Application Links plugin before version 5.4.20, fro... | | |
| CVE-2019-20106 | Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 befor... | | |
| CVE-2019-20107 | Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users ... | S | |
| CVE-2019-20138 | The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the defa... | S | |
| CVE-2019-20139 | In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, ... | E | |
| CVE-2019-20140 | An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif... | E S | |
| CVE-2019-20141 | An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-r... | E | |
| CVE-2019-20142 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12... | | |
| CVE-2019-20143 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6. It has In... | | |
| CVE-2019-20144 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12... | | |
| CVE-2019-20145 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12... | | |
| CVE-2019-20146 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12... | | |
| CVE-2019-20147 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.... | | |
| CVE-2019-20148 | An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12... | | |
| CVE-2019-20149 | ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attr... | E S | |
| CVE-2019-20150 | In TreasuryXpress 19191105, a logged-in user can discover saved credentials, even though the UI hide... | E | |
| CVE-2019-20151 | An XSS issue was discovered in TreasuryXpress 19191105. Due to the lack of filtering and sanitizatio... | E | |
| CVE-2019-20152 | An XSS issue was discovered in TreasuryXpress 19191105. Due to the lack of filtering and sanitizatio... | E | |
| CVE-2019-20153 | An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) in v5.... | E | |
| CVE-2019-20154 | An issue was discovered in Determine (formerly Selectica) Contract Lifecycle Management (CLM) v5.4. ... | E | |
| CVE-2019-20155 | An issue was discovered in report_edit.jsp in Determine (formerly Selectica) Contract Lifecycle Mana... | E | |
| CVE-2019-20159 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak... | E | |
| CVE-2019-20160 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based... | E | |
| CVE-2019-20161 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based bu... | E | |
| CVE-2019-20162 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based bu... | E | |
| CVE-2019-20163 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointe... | E | |
| CVE-2019-20164 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointe... | E | |
| CVE-2019-20165 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointe... | E | |
| CVE-2019-20166 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointe... | E | |
| CVE-2019-20167 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointe... | E | |
| CVE-2019-20168 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-f... | E | |
| CVE-2019-20169 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a use-after-f... | E | |
| CVE-2019-20170 | An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is an invalid po... | E | |
| CVE-2019-20171 | An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks... | E | |
| CVE-2019-20172 | Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not reject syscalls with pointers i... | E S | |
| CVE-2019-20173 | The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XSS via a wle parameter associat... | | |
| CVE-2019-20174 | Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placehold... | E | |
| CVE-2019-20175 | An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest syst... | E S | |
| CVE-2019-20176 | In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.... | S | |
| CVE-2019-20178 | Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user.... | | |
| CVE-2019-20179 | SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter.... | | |
| CVE-2019-20180 | The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users. Not... | | |
| CVE-2019-20181 | The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter.... | | |
| CVE-2019-20182 | The FooGallery plugin 1.8.12 for WordPress allow XSS via the post_title parameter.... | | |
| CVE-2019-20183 | uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code bec... | | |
| CVE-2019-20184 | KeePass 2.4.1 allows CSV injection in the title field of a CSV export.... | | |
| CVE-2019-20191 | Oxygen XML Editor 21.1.1 allows XXE to read any file.... | | |
| CVE-2019-20197 | In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacha... | E | |
| CVE-2019-20198 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursi... | E | |
| CVE-2019-20199 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a cra... | E | |
| CVE-2019-20200 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing craft... | E | |
| CVE-2019-20201 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML enti... | E | |
| CVE-2019-20202 | An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use... | E | |
| CVE-2019-20203 | The Authorized Addresses feature in the Postie plugin 1.9.40 for WordPress allows remote attackers t... | E | |
| CVE-2019-20204 | The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCr... | E | |
| CVE-2019-20205 | libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c.... | E | |
| CVE-2019-20208 | dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.... | E S | |
| CVE-2019-20209 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for Word... | E | |
| CVE-2019-20210 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for Word... | E | |
| CVE-2019-20211 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for Word... | E | |
| CVE-2019-20212 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for Word... | E | |
| CVE-2019-20213 | D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via the AUT... | | |
| CVE-2019-20215 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS comman... | S | |
| CVE-2019-20216 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS comman... | S | |
| CVE-2019-20217 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS comman... | S | |
| CVE-2019-20218 | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing ... | S | |
| CVE-2019-20219 | ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c.... | E | |
| CVE-2019-20220 | In Support Incident Tracker (SiT!) 3.67, the search_id parameter in the search_incidents_advanced.ph... | E | |
| CVE-2019-20221 | In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XS... | E | |
| CVE-2019-20222 | In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs in t... | E | |
| CVE-2019-20223 | In Support Incident Tracker (SiT!) 3.67, the id parameter is affected by XSS on all endpoints that u... | E | |
| CVE-2019-20224 | netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to... | E | |
| CVE-2019-20225 | MyBB before 1.8.22 allows an open redirect on login.... | | |
| CVE-2019-20226 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20227 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20228 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20229 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20230 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20231 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20232 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20233 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20234 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20235 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20236 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20237 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20238 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20239 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20240 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20241 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20242 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20243 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20244 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20245 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20246 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20247 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20250 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20252 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20253 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20254 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20255 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20256 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20257 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20258 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20259 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20260 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20261 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20262 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20263 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20264 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20265 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20266 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20267 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20268 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20269 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20270 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20271 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20272 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20273 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20274 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20275 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20276 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20277 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20278 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20279 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20280 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20281 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20282 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20283 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20284 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20285 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20286 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20287 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20288 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20289 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20290 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20291 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20292 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20293 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20294 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20295 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20296 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20297 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20298 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20299 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20300 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20301 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20302 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20303 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20304 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20305 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20306 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20307 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20308 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20309 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20310 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20311 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20312 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20313 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20314 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20315 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20316 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20317 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20318 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20319 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20320 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20321 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20322 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20323 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20324 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20325 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2019-20326 | A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo... | E S | |
| CVE-2019-20327 | Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 a... | | |
| CVE-2019-20329 | OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP por... | E | |
| CVE-2019-20330 | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.... | S | |
| CVE-2019-20334 | In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# functions in asm/eval.c. This... | E | |
| CVE-2019-20336 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter i... | E | |
| CVE-2019-20337 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulner... | E | |
| CVE-2019-20343 | The MojoHaus Exec Maven plugin 1.1.1 for Maven allows code execution via a crafted XML document beca... | | |
| CVE-2019-20348 | OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without pro... | E | |
| CVE-2019-20352 | In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) ... | E | |
| CVE-2019-20354 | The web application component of piSignage before 2.6.4 allows a remote attacker (authenticated as a... | E | |
| CVE-2019-20357 | A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 an... | E | |
| CVE-2019-20358 | Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may ... | | |
| CVE-2019-20360 | A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticated users to bypass API authent... | E | |
| CVE-2019-20361 | There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed... | E | |
| CVE-2019-20362 | In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can... | | |
| CVE-2019-20363 | An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via alias to Manage Store Contents.... | E | |
| CVE-2019-20364 | An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cacheName to SystemCacheDetails.js... | E | |
| CVE-2019-20365 | An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via search to the Users/Group search p... | E | |
| CVE-2019-20366 | An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTrustStore to Manage Store Conte... | E | |
| CVE-2019-20367 | nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from... | E | |
| CVE-2019-20372 | NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demon... | E S | |
| CVE-2019-20373 | LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an... | S | |
| CVE-2019-20374 | A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81... | S | |
| CVE-2019-20375 | A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attacker... | S | |
| CVE-2019-20376 | A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attacker... | S | |
| CVE-2019-20377 | TopList before 2019-09-03 allows XSS via a title.... | | |
| CVE-2019-20378 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.... | E | |
| CVE-2019-20379 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.... | E | |
| CVE-2019-20381 | TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. N... | S | |
| CVE-2019-20382 | QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect oper... | S | |
| CVE-2019-20383 | ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows esca... | E | |
| CVE-2019-20384 | Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/na... | E | |
| CVE-2019-20385 | The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo Aware CallManager 2012 devices ... | E | |
| CVE-2019-20386 | An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executin... | S | |
| CVE-2019-20387 | repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a las... | S | |
| CVE-2019-20388 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.... | S | |
| CVE-2019-20389 | An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A r... | E | |
| CVE-2019-20390 | A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a ... | E | |
| CVE-2019-20391 | An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_v... | E S | |
| CVE-2019-20392 | An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_v... | E S | |
| CVE-2019-20393 | A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty descripti... | E S | |
| CVE-2019-20394 | A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement i... | E S | |
| CVE-2019-20395 | A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union typ... | E | |
| CVE-2019-20396 | A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern stat... | E S | |
| CVE-2019-20397 | A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization fi... | S | |
| CVE-2019-20398 | A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instan... | E S | |
| CVE-2019-20399 | A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1... | S | |
| CVE-2019-20400 | The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a d... | | |
| CVE-2019-20401 | Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configur... | | |
| CVE-2019-20402 | Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded ... | | |
| CVE-2019-20403 | The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to det... | | |
| CVE-2019-20404 | The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote at... | | |
| CVE-2019-20405 | The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote ... | | |
| CVE-2019-20406 | The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, an... | | |
| CVE-2019-20407 | The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.... | | |
| CVE-2019-20408 | The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attacke... | | |
| CVE-2019-20409 | The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to vers... | | |
| CVE-2019-20410 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive ... | | |
| CVE-2019-20411 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboar... | | |
| CVE-2019-20412 | The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center all... | | |
| CVE-2019-20413 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the appl... | | |
| CVE-2019-20414 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrar... | | |
| CVE-2019-20415 | Atlassian Jira Server and Data Center in affected versions allows remote attackers to modify logging... | | |
| CVE-2019-20416 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrar... | | |
| CVE-2019-20417 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15011. Reason: This candidat... | R | |
| CVE-2019-20418 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to prevent users f... | | |
| CVE-2019-20419 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitra... | | |
| CVE-2019-20421 | In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite... | E S | |
| CVE-2019-20422 | In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F... | S | |
| CVE-2019-20423 | In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to th... | E | |
| CVE-2019-20424 | In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dere... | E | |
| CVE-2019-20425 | In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due... | E | |
| CVE-2019-20426 | In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due... | E | |
| CVE-2019-20427 | In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and poss... | E | |
| CVE-2019-20428 | In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due t... | | |
| CVE-2019-20429 | In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via ... | E | |
| CVE-2019-20430 | In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eada... | E | |
| CVE-2019-20431 | In the Lustre file system before 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bou... | E | |
| CVE-2019-20432 | In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to... | E | |
| CVE-2019-20433 | libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0... | | |
| CVE-2019-20434 | An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) ... | E | |
| CVE-2019-20435 | An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the ... | E | |
| CVE-2019-20436 | An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity S... | E | |
| CVE-2019-20437 | An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity S... | E | |
| CVE-2019-20438 | An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vul... | E | |
| CVE-2019-20439 | An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) ... | E | |
| CVE-2019-20440 | An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) ... | E | |
| CVE-2019-20441 | An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vul... | E | |
| CVE-2019-20442 | An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key ... | E | |
| CVE-2019-20443 | An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key ... | E | |
| CVE-2019-20444 | HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might ... | E S | |
| CVE-2019-20445 | HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a ... | E S | |
| CVE-2019-20446 | In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial o... | | |
| CVE-2019-20447 | Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endpoint.... | E | |
| CVE-2019-20451 | The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code... | E | |
| CVE-2019-20452 | A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise before 8.2.4. A PHP object injec... | | |
| CVE-2019-20453 | A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise before 8.2.4. A PHP object injec... | | |
| CVE-2019-20454 | An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and us... | E S | |
| CVE-2019-20455 | Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certif... | E S | |
| CVE-2019-20456 | Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent bef... | | |
| CVE-2019-20457 | An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface passw... | | |
| CVE-2019-20458 | An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device ... | | |
| CVE-2019-20459 | An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public ... | | |
| CVE-2019-20460 | An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't req... | | |
| CVE-2019-20461 | An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol ... | | |
| CVE-2019-20462 | An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interfa... | | |
| CVE-2019-20463 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A crash... | E | |
| CVE-2019-20464 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. By defa... | E | |
| CVE-2019-20465 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. It is p... | E | |
| CVE-2019-20466 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A local... | E | |
| CVE-2019-20467 | An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The dev... | E | |
| CVE-2019-20468 | An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It h... | | |
| CVE-2019-20469 | An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stor... | | |
| CVE-2019-20470 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions... | | |
| CVE-2019-20471 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the devi... | | |
| CVE-2019-20472 | An issue was discovered on One2Track 2019-12-08 devices. Any SIM card used with the device cannot ha... | | |
| CVE-2019-20473 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used w... | | |
| CVE-2019-20474 | An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the ma... | | |
| CVE-2019-20477 | PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of... | E | |
| CVE-2019-20478 | In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls... | | |
| CVE-2019-20479 | A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs wit... | S | |
| CVE-2019-20480 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin... | | |
| CVE-2019-20481 | In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowled... | | |
| CVE-2019-20483 | An issue was discovered in Viki Vera 4.9.1.26180. An attacker could set a user's last name to an XSS... | E | |
| CVE-2019-20484 | An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download ... | E | |
| CVE-2019-20485 | qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to... | | |
| CVE-2019-20486 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_ind... | E | |
| CVE-2019-20487 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4... | | |
| CVE-2019-20488 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web manag... | E | |
| CVE-2019-20489 | An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.c... | | |
| CVE-2019-20490 | cPanel before 82.0.18 allows authentication bypass because webmail usernames are processed inconsist... | | |
| CVE-2019-20491 | cPanel before 82.0.18 allows attackers to leverage virtual mail accounts in order to bypass account ... | | |
| CVE-2019-20492 | cPanel before 82.0.18 allows authentication bypass because of misparsing of the format of the passwo... | | |
| CVE-2019-20493 | cPanel before 82.0.18 allows self-XSS because JSON string escaping is mishandled (SEC-520).... | | |
| CVE-2019-20494 | In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable series of numbers (SEC-525).... | | |
| CVE-2019-20495 | cPanel before 82.0.18 allows attackers to read an arbitrary database via MySQL dump streaming (SEC-5... | | |
| CVE-2019-20496 | cPanel before 82.0.18 allows attackers to conduct arbitrary chown operations as root during log proc... | | |
| CVE-2019-20497 | cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SEC-533).... | | |
| CVE-2019-20498 | cPanel before 82.0.18 allows WebDAV authentication bypass because the connection-sharing logic is in... | | |
| CVE-2019-20499 | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi... | E S | |
| CVE-2019-20500 | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi... | KEV E S | |
| CVE-2019-20501 | D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability vi... | E S | |
| CVE-2019-20502 | An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp... | E | |
| CVE-2019-20503 | usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.... | E S | |
| CVE-2019-20504 | service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 (6.4.120822) al... | E | |
| CVE-2019-20509 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2019-20510 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-13456. Reason: This candidat... | R | |
| CVE-2019-20511 | ERPNext 11.1.47 allows blog?blog_category= Frame Injection.... | E | |
| CVE-2019-20512 | Open edX Ironwood.1 allows support/certificates?course_id= reflected XSS.... | E | |
| CVE-2019-20513 | Open edX Ironwood.1 allows support/certificates?user= reflected XSS.... | E | |
| CVE-2019-20514 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the address/ URI.... | E | |
| CVE-2019-20515 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresses/ URI.... | E | |
| CVE-2019-20516 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ URI.... | E | |
| CVE-2019-20517 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ URI.... | E | |
| CVE-2019-20518 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI.... | E | |
| CVE-2019-20519 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafte... | E | |
| CVE-2019-20520 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI.... | E | |
| CVE-2019-20521 | ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI.... | E | |
| CVE-2019-20522 | ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link parameter.... | E | |
| CVE-2019-20523 | ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter.... | E | |
| CVE-2019-20524 | ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter.... | E | |
| CVE-2019-20525 | Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp driver paramet... | E | |
| CVE-2019-20526 | Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp password param... | E | |
| CVE-2019-20527 | Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp serverURL para... | E | |
| CVE-2019-20528 | Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasource-standard.jsp username param... | E | |
| CVE-2019-20529 | In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Pr... | | |
| CVE-2019-20530 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), P(9.0), and Q(10.0) software.... | | |
| CVE-2019-20531 | An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The Wi-Fi ... | | |
| CVE-2019-20532 | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attacke... | | |
| CVE-2019-20533 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (released in China... | | |
| CVE-2019-20534 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view home-scre... | | |
| CVE-2019-20535 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. A connection to a... | | |
| CVE-2019-20536 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China... | | |
| CVE-2019-20537 | An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There... | | |
| CVE-2019-20538 | An issue was discovered on Samsung mobile devices with P(9.0) software. There is a heap overflow in ... | | |
| CVE-2019-20539 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets... | | |
| CVE-2019-20540 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20541 | An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The Wi-Fi ... | | |
| CVE-2019-20542 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20543 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory... | | |
| CVE-2019-20544 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software.... | | |
| CVE-2019-20545 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software.... | | |
| CVE-2019-20546 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom Wi-Fi ch... | | |
| CVE-2019-20547 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. Data may leak via... | | |
| CVE-2019-20548 | An issue was discovered on Samsung mobile devices with P(9.0) devices (Qualcomm chipsets) software. ... | | |
| CVE-2019-20549 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets... | | |
| CVE-2019-20550 | An issue was discovered on Samsung mobile devices with O(8.x) (released in China and India) software... | | |
| CVE-2019-20551 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attacker... | | |
| CVE-2019-20552 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory... | | |
| CVE-2019-20553 | An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos... | | |
| CVE-2019-20554 | An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can bypass Factory... | | |
| CVE-2019-20555 | An issue was discovered on Samsung mobile devices with N(7.x) software. The Gallery app allows attac... | | |
| CVE-2019-20556 | An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos... | | |
| CVE-2019-20557 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attacker... | | |
| CVE-2019-20558 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20559 | An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of ph... | | |
| CVE-2019-20560 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20561 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20562 | An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a bu... | | |
| CVE-2019-20563 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20564 | An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) sof... | | |
| CVE-2019-20565 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. Attackers can cha... | | |
| CVE-2019-20566 | An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos... | | |
| CVE-2019-20567 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20568 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos and Qualcom... | | |
| CVE-2019-20569 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory... | | |
| CVE-2019-20570 | An issue was discovered on Samsung mobile devices with P(9.0), O(8.0), and N(7.1) software. Attacker... | | |
| CVE-2019-20571 | An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type... | | |
| CVE-2019-20572 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software.... | | |
| CVE-2019-20573 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is... | | |
| CVE-2019-20574 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is... | | |
| CVE-2019-20575 | An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature a... | | |
| CVE-2019-20576 | An issue was discovered on Samsung mobile devices with P(9.0) software. The MemorySaver Content Prov... | | |
| CVE-2019-20577 | An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The MALI G... | | |
| CVE-2019-20578 | An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buf... | | |
| CVE-2019-20579 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Gallery ... | | |
| CVE-2019-20580 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Motion photo player allo... | | |
| CVE-2019-20581 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20582 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipset... | | |
| CVE-2019-20583 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20584 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20585 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20586 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20587 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20588 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20589 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. Th... | | |
| CVE-2019-20590 | An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is... | | |
| CVE-2019-20591 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is... | | |
| CVE-2019-20592 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is... | | |
| CVE-2019-20593 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks Pri... | | |
| CVE-2019-20594 | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software.... | | |
| CVE-2019-20595 | An issue was discovered on Samsung mobile devices with P(9.0) software. Quick Panel allows enabling ... | | |
| CVE-2019-20596 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software.... | | |
| CVE-2019-20597 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. SPENgest... | | |
| CVE-2019-20598 | An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard's l... | | |
| CVE-2019-20599 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Voice As... | | |
| CVE-2019-20600 | An issue was discovered on Samsung mobile devices with O(8.0) and P(9.0) (Exynos8890 chipsets) softw... | | |
| CVE-2019-20601 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580,... | | |
| CVE-2019-20602 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets... | | |
| CVE-2019-20603 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets... | | |
| CVE-2019-20604 | An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can disable Galler... | | |
| CVE-2019-20605 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20606 | An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing at... | | |
| CVE-2019-20607 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998,... | | |
| CVE-2019-20608 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attac... | | |
| CVE-2019-20609 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can use Smartwatch... | | |
| CVE-2019-20610 | An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7... | | |
| CVE-2019-20611 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) ... | | |
| CVE-2019-20612 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi... | | |
| CVE-2019-20613 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-bas... | | |
| CVE-2019-20614 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare... | | |
| CVE-2019-20615 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Attackers can byp... | | |
| CVE-2019-20616 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a t... | | |
| CVE-2019-20617 | An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Folder leaks preview ... | | |
| CVE-2019-20618 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Pin Window feature allow... | | |
| CVE-2019-20619 | An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Startup leaks keyboar... | | |
| CVE-2019-20620 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Settings application all... | | |
| CVE-2019-20621 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20622 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) ... | | |
| CVE-2019-20623 | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. Gallery ... | | |
| CVE-2019-20624 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. S-Voice leaks key... | | |
| CVE-2019-20625 | An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software.... | | |
| CVE-2019-20626 | The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open re... | E | |
| CVE-2019-20627 | AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE.... | E S | |
| CVE-2019-20628 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a ... | E S | |
| CVE-2019-20629 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a ... | E S | |
| CVE-2019-20630 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a ... | E S | |
| CVE-2019-20631 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an... | E | |
| CVE-2019-20632 | An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an... | E | |
| CVE-2019-20633 | GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function ano... | E | |
| CVE-2019-20634 | An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from... | | |
| CVE-2019-20635 | codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and a... | | |
| CVE-2019-20636 | In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keyc... | S | |
| CVE-2019-20637 | An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x b... | | |
| CVE-2019-20638 | NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.... | | |
| CVE-2019-20639 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20640 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20641 | NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.... | | |
| CVE-2019-20642 | NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.... | | |
| CVE-2019-20643 | NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.... | | |
| CVE-2019-20644 | NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.... | | |
| CVE-2019-20645 | NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.... | | |
| CVE-2019-20646 | NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.... | | |
| CVE-2019-20647 | NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.... | | |
| CVE-2019-20648 | NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings.... | | |
| CVE-2019-20649 | NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.... | | |
| CVE-2019-20650 | Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 ... | | |
| CVE-2019-20651 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC... | | |
| CVE-2019-20652 | NETGEAR WAC505 devices before 8.2.1.16 are affected by disclosure of sensitive information.... | | |
| CVE-2019-20653 | Certain NETGEAR devices are affected by denial of service. This affects WAC505 before 8.0.6.4 and WA... | | |
| CVE-2019-20654 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects W... | | |
| CVE-2019-20655 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR5... | | |
| CVE-2019-20656 | Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D... | | |
| CVE-2019-20657 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62... | | |
| CVE-2019-20658 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects FS728TLP b... | | |
| CVE-2019-20659 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R64... | | |
| CVE-2019-20660 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20661 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20662 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20663 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20664 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20665 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20666 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20667 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20668 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20669 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20670 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20671 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20672 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20673 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20674 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20675 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20676 | Certain NETGEAR devices are affected by lack of access control at the function level. This affects F... | | |
| CVE-2019-20677 | Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before... | | |
| CVE-2019-20678 | Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before... | | |
| CVE-2019-20679 | NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function lev... | | |
| CVE-2019-20680 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D70... | | |
| CVE-2019-20681 | Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, ... | | |
| CVE-2019-20682 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20683 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20684 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20685 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20686 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | | |
| CVE-2019-20687 | Certain NETGEAR devices are affected by denial of service. This affects D6200 before 1.1.00.34, D700... | | |
| CVE-2019-20688 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20689 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D60... | | |
| CVE-2019-20690 | Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.30, ... | | |
| CVE-2019-20691 | Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0... | | |
| CVE-2019-20692 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20693 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects W... | | |
| CVE-2019-20694 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects GS728TP be... | | |
| CVE-2019-20695 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects SRK60 befo... | | |
| CVE-2019-20696 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 bef... | | |
| CVE-2019-20697 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20698 | Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 bef... | | |
| CVE-2019-20699 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | | |
| CVE-2019-20700 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20701 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20702 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20703 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20704 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20705 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20706 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | | |
| CVE-2019-20707 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R78... | | |
| CVE-2019-20708 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20709 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20710 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20711 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20712 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62... | | |
| CVE-2019-20713 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20714 | Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before... | | |
| CVE-2019-20715 | Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before... | | |
| CVE-2019-20716 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20717 | Certain NETGEAR devices are affected by denial of service. This affects D3600 before 1.0.0.75, D6000... | | |
| CVE-2019-20718 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D62... | | |
| CVE-2019-20719 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62... | | |
| CVE-2019-20720 | Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before... | | |
| CVE-2019-20721 | Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX2700 befor... | | |
| CVE-2019-20722 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D78... | | |
| CVE-2019-20723 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20724 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20725 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20726 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D36... | | |
| CVE-2019-20727 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D61... | | |
| CVE-2019-20728 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D64... | | |
| CVE-2019-20729 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects J... | | |
| CVE-2019-20730 | Certain NETGEAR devices are affected by SQL injection. This affects D3600 before 1.0.0.68, D6000 bef... | | |
| CVE-2019-20731 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D62... | | |
| CVE-2019-20732 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D62... | | |
| CVE-2019-20733 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20734 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec... | | |
| CVE-2019-20735 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20736 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20737 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20738 | Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.58, D7800 before... | | |
| CVE-2019-20739 | NETGEAR R8500 devices before v1.0.2.128 are affected by a buffer overflow by an unauthenticated atta... | | |
| CVE-2019-20740 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20741 | NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of sensitive information.... | | |
| CVE-2019-20742 | NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS.... | | |
| CVE-2019-20743 | NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS.... | | |
| CVE-2019-20744 | NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of sensitive information.... | | |
| CVE-2019-20745 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC... | | |
| CVE-2019-20746 | Certain NETGEAR devices are affected by reflected XSS. This affects D3600 before 1.0.0.75, D6000 bef... | | |
| CVE-2019-20747 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20748 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20749 | Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6100v2 bef... | | |
| CVE-2019-20750 | Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6150v2 bef... | | |
| CVE-2019-20751 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20752 | Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.75, D6000 before... | | |
| CVE-2019-20753 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker... | | |
| CVE-2019-20754 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects DGN... | | |
| CVE-2019-20755 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20756 | Certain NETGEAR devices are affected by reflected XSS. This affects EX7000 before 1.0.0.64, EX6200 b... | | |
| CVE-2019-20757 | NETGEAR R7800 devices before 1.0.2.62 are affected by command injection by an authenticated user.... | | |
| CVE-2019-20758 | NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user.... | | |
| CVE-2019-20759 | NETGEAR R9000 devices before 1.0.4.26 are affected by stored XSS.... | | |
| CVE-2019-20760 | NETGEAR R9000 devices before 1.0.4.26 are affected by authentication bypass.... | | |
| CVE-2019-20761 | NETGEAR R7800 devices before 1.0.2.62 are affected by command injection by an authenticated user.... | | |
| CVE-2019-20762 | Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D85... | | |
| CVE-2019-20763 | NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authentica... | | |
| CVE-2019-20764 | NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authentica... | | |
| CVE-2019-20765 | NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authentica... | | |
| CVE-2019-20766 | NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authentica... | | |
| CVE-2019-20767 | Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This... | | |
| CVE-2019-20768 | ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid bef... | E | |
| CVE-2019-20769 | An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). ... | | |
| CVE-2019-20770 | An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buf... | | |
| CVE-2019-20771 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20772 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20773 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20774 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20775 | An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, a... | | |
| CVE-2019-20776 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. A... | | |
| CVE-2019-20777 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20778 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20779 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 softwa... | | |
| CVE-2019-20780 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. C... | | |
| CVE-2019-20781 | An issue was discovered in LG Bridge before April 2019 on Windows. DLL Hijacking can occur.... | | |
| CVE-2019-20782 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. L... | | |
| CVE-2019-20783 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North Amer... | | |
| CVE-2019-20784 | An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipse... | | |
| CVE-2019-20785 | An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carri... | | |
| CVE-2019-20786 | handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with ep... | E S | |
| CVE-2019-20787 | Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.... | | |
| CVE-2019-20788 | libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and he... | E S | |
| CVE-2019-20789 | Croogo before 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies.... | E | |
| CVE-2019-20790 | OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SP... | E | |
| CVE-2019-20791 | OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePsk... | E S | |
| CVE-2019-20792 | OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in li... | E S | |
| CVE-2019-20794 | An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces ar... | E | |
| CVE-2019-20795 | iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c. NOTE: security ... | S | |
| CVE-2019-20797 | An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server ... | E | |
| CVE-2019-20798 | An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL ... | E | |
| CVE-2019-20799 | In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to d... | E | |
| CVE-2019-20800 | In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler... | E | |
| CVE-2019-20801 | An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-tr... | E | |
| CVE-2019-20802 | An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-tr... | E | |
| CVE-2019-20803 | Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is m... | E | |
| CVE-2019-20804 | Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromis... | E | |
| CVE-2019-20805 | p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_... | S | |
| CVE-2019-20806 | An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw586... | S | |
| CVE-2019-20807 | In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS comma... | S | |
| CVE-2019-20808 | In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ... | | |
| CVE-2019-20809 | The price oracle in PriceOracle.sol in Compound Finance Compound Price Oracle 1.0 through 2.0 allows... | M | |
| CVE-2019-20810 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not cal... | S | |
| CVE-2019-20811 | An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue... | S | |
| CVE-2019-20812 | An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo() function in ... | S | |
| CVE-2019-20813 | An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.... | S | |
| CVE-2019-20814 | An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows memory consumption because data... | S | |
| CVE-2019-20815 | An issue was discovered in Foxit PhantomPDF before 8.3.12. It allows stack consumption via nested fu... | S | |
| CVE-2019-20816 | An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference during ... | S | |
| CVE-2019-20817 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference... | S | |
| CVE-2019-20818 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows memory consumption beca... | S | |
| CVE-2019-20819 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It allows stack consumption via n... | S | |
| CVE-2019-20820 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference... | S | |
| CVE-2019-20821 | An issue was discovered in Foxit PhantomPDF Mac before 3.4. It has a NULL pointer dereference.... | | |
| CVE-2019-20822 | An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It... | | |
| CVE-2019-20823 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a buffer overflow because a loopin... | | |
| CVE-2019-20824 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has a NULL pointer dereference via FXS... | | |
| CVE-2019-20825 | An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Intern... | | |
| CVE-2019-20826 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It has a NU... | | |
| CVE-2019-20827 | An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows s... | | |
| CVE-2019-20828 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a buffer overflow because ... | S | |
| CVE-2019-20829 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has a NULL pointer dereference... | S | |
| CVE-2019-20830 | An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write whe... | S | |
| CVE-2019-20831 | An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.5.0.20733. It... | | |
| CVE-2019-20832 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It has homograph mishandling.... | | |
| CVE-2019-20833 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, ... | | |
| CVE-2019-20834 | An issue was discovered in Foxit PhantomPDF before 8.3.10. It allows signature validation bypass via... | | |
| CVE-2019-20835 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has homograph mishandling.... | S | |
| CVE-2019-20836 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud crede... | S | |
| CVE-2019-20837 | An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It allows signature validation by... | S | |
| CVE-2019-20838 | libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or... | S | |
| CVE-2019-20839 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filenam... | S | |
| CVE-2019-20840 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash ... | S | |
| CVE-2019-20841 | An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. CSRF ... | | |
| CVE-2019-20842 | An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There... | | |
| CVE-2019-20843 | An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There... | | |
| CVE-2019-20844 | An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. An at... | | |
| CVE-2019-20845 | An issue was discovered in Mattermost Server before 5.18.0. It allows attackers to cause a denial of... | | |
| CVE-2019-20846 | An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local... | | |
| CVE-2019-20847 | An issue was discovered in Mattermost Server before 5.18.0. An attacker can send a user_typing WebSo... | | |
| CVE-2019-20848 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. The Quick Reply feature mishandles ... | | |
| CVE-2019-20849 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. Cookie data can persist on a device... | | |
| CVE-2019-20850 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. A view cache can persist on a devic... | | |
| CVE-2019-20851 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. An attacker can use directory trave... | | |
| CVE-2019-20852 | An issue was discovered in Mattermost Mobile Apps before 1.26.0. Local logging is not blocked for se... | | |
| CVE-2019-20853 | An issue was discovered in Mattermost Packages before 5.16.3. A Droplet could allow Internet access ... | | |
| CVE-2019-20854 | An issue was discovered in Mattermost Server before 5.17.0. It allows remote attackers to cause a de... | | |
| CVE-2019-20855 | An issue was discovered in Mattermost Server before 5.16.1, 5.15.2, 5.14.5, and 5.9.6. It allows att... | | |
| CVE-2019-20856 | An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.... | | |
| CVE-2019-20857 | An issue was discovered in Mattermost Server before 5.16.0. It allows attackers to cause a denial of... | | |
| CVE-2019-20858 | An issue was discovered in Mattermost Server before 5.15.0. It allows attackers to cause a denial of... | | |
| CVE-2019-20859 | An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via... | | |
| CVE-2019-20860 | An issue was discovered in Mattermost Server before 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows rem... | | |
| CVE-2019-20861 | An issue was discovered in Mattermost Desktop App before 4.2.2. It allows attackers to execute arbit... | | |
| CVE-2019-20862 | An issue was discovered in Mattermost Server before 5.13.0. Non-members may fetch a team's slash com... | | |
| CVE-2019-20863 | An issue was discovered in Mattermost Server before 5.13.0. Incoming webhook creation is not properl... | | |
| CVE-2019-20864 | An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to... | | |
| CVE-2019-20865 | An issue was discovered in Mattermost Server before 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10. The ... | | |
| CVE-2019-20866 | An issue was discovered in Mattermost Server before 5.12.0. Use of a Proxy HTTP header, rather than ... | | |
| CVE-2019-20867 | An issue was discovered in Mattermost Server before 5.11.0. An attacker can interfere with a channel... | | |
| CVE-2019-20868 | An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated.... | | |
| CVE-2019-20869 | An issue was discovered in Mattermost Server before 5.10.0, 5.9.1, 5.8.2, and 4.10.9. A non-member c... | | |
| CVE-2019-20870 | An issue was discovered in Mattermost Server before 5.10.0. An attacker can bypass the intended appe... | | |
| CVE-2019-20871 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown li... | | |
| CVE-2019-20872 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack... | | |
| CVE-2019-20873 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attac... | | |
| CVE-2019-20874 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attac... | | |
| CVE-2019-20875 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a pas... | | |
| CVE-2019-20876 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Users can deact... | | |
| CVE-2019-20877 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows attac... | | |
| CVE-2019-20878 | An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. Changes, within... | | |
| CVE-2019-20879 | An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e-ma... | | |
| CVE-2019-20880 | An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attac... | | |
| CVE-2019-20881 | An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks against... | | |
| CVE-2019-20882 | An issue was discovered in Mattermost Server before 5.8.0. It does not honor the domain requirement ... | | |
| CVE-2019-20883 | An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only. Use... | | |
| CVE-2019-20884 | An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a... | | |
| CVE-2019-20885 | An issue was discovered in Mattermost Server before 5.8.0. It does not always generate a robots.txt ... | | |
| CVE-2019-20886 | An issue was discovered in Mattermost Server before 5.8.0. The first user is sometimes inadvertently... | | |
| CVE-2019-20887 | An issue was discovered in Mattermost Server before 5.7.1, 5.6.4, 5.5.3, and 4.10.6. It does not hon... | | |
| CVE-2019-20888 | An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attacke... | | |
| CVE-2019-20889 | An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It mishandles per... | | |
| CVE-2019-20890 | An issue was discovered in Mattermost Server before 5.7. It allows a bypass of e-mail address discov... | | |
| CVE-2019-20891 | WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery ... | | |
| CVE-2019-20892 | net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via ... | E S | |
| CVE-2019-20893 | An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11... | | |
| CVE-2019-20894 | Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verifica... | E | |
| CVE-2019-20896 | WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter.... | | |
| CVE-2019-20897 | The avatar upload feature in affected versions of Atlassian Jira Server and Data Center allows remot... | S | |
| CVE-2019-20898 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to access sensitiv... | | |
| CVE-2019-20899 | The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers... | | |
| CVE-2019-20900 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrar... | | |
| CVE-2019-20901 | The login.jsp resource in Jira before version 8.5.2, and from version 8.6.0 before version 8.6.1 all... | | |
| CVE-2019-20902 | Upgrading Crowd via XML Data Transfer can reactivate a disabled user from OpenLDAP. The affected ver... | | |
| CVE-2019-20903 | The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attacke... | | |
| CVE-2019-20907 | In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an ... | S | |
| CVE-2019-20908 | An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect acce... | S | |
| CVE-2019-20909 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the fu... | E S | |
| CVE-2019-20910 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffe... | E S | |
| CVE-2019-20911 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service ... | E S | |
| CVE-2019-20912 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow i... | E S | |
| CVE-2019-20913 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffe... | E S | |
| CVE-2019-20914 | An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the fu... | E S | |
| CVE-2019-20915 | An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffe... | E S | |
| CVE-2019-20916 | The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install ... | E S | |
| CVE-2019-20917 | An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a ... | S | |
| CVE-2019-20918 | An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vul... | S | |
| CVE-2019-20919 | An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requir... | S | |
| CVE-2019-20920 | Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup h... | E | |
| CVE-2019-20921 | bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in... | S | |
| CVE-2019-20922 | Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matchin... | S | |
| CVE-2019-20923 | Crash while handling internal Javascript exception types | | |
| CVE-2019-20924 | Invariant in IndexBoundsBuilder | | |
| CVE-2019-20925 | Denial of service via malformed network packet | S | |
| CVE-2019-20933 | InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in ser... | S | |
| CVE-2019-20934 | An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler ... | S |