Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (323535 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-19266 1 Icewarp 1 Mail Server 2024-11-21 5.4 Medium
IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 2 of 2) in notes for objects.
CVE-2019-19265 1 Icewarp 1 Mail Server 2024-11-21 6.1 Medium
IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows XSS (issue 1 of 2) in notes for contacts.
CVE-2019-19264 1 Simplifile 1 Recordfusion 2024-11-21 7.5 High
In Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/../ or logger/hist?/../ URI.
CVE-2019-19263 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions.
CVE-2019-19262 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions.
CVE-2019-19261 1 Gitlab 1 Gitlab 2024-11-21 8.8 High
GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF.
CVE-2019-19260 1 Gitlab 1 Gitlab 2024-11-21 5.4 Medium
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).
CVE-2019-19259 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR).
CVE-2019-19258 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control.
CVE-2019-19257 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).
CVE-2019-19256 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control.
CVE-2019-19255 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control.
CVE-2019-19254 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.
CVE-2019-19252 1 Linux 1 Linux Kernel 2024-11-21 7.8 High
vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.
CVE-2019-19251 1 Last.fm 1 Last.fm Desktop 2024-11-21 5.3 Medium
The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that include an API key without the use of SSL/TLS. Although there is an Enable SSL option, it is disabled by default, and cleartext requests are made as soon as the app starts.
CVE-2019-19250 1 Opentrade Project 1 Opentrade 2024-11-21 9.8 Critical
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server/utils.js.
CVE-2019-19249 1 Querytreeapp 1 Querytree 2024-11-21 9.8 Critical
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
CVE-2019-19248 1 Ea 1 Origin 2024-11-21 7.8 High
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).
CVE-2019-19247 1 Ea 1 Origin 2024-11-21 7.8 High
Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).
CVE-2019-19246 6 Canonical, Debian, Fedoraproject and 3 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2024-11-21 7.5 High
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.