Vulnerability Trends

CVE-2019-5786Important: chromium-browser security update
CVE-2019-5418CVE-2019-5418
CVE-2019-0604A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka...
CVE-2017-0147The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Wind...
CVE-2018-8024In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's jo...
CVE-2019-5420CVE-2019-5420
CVE-2019-8917SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes ...
CVE-2016-5384fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free atta...
CVE-2019-1716A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone ...
CVE-2017-8037In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf-release versions after v244 and prior to v270, there is an ...
CVE-2018-8174A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code E...
CVE-2018-20250In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.d...
CVE-2018-17057An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
CVE-2019-9915GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter.
CVE-2017-11882Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an a...
CVE-2018-18913Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker can send a ZIP archive composed of an HTML page alon...
CVE-2019-9913The wp-live-chat-support plugin before 8.0.18 for WordPress has wp-admin/admin.php?page=wplivechat-menu-gdpr-page term XSS.
CVE-2019-0696Microsoft CVE-2019-0696: Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-9912The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.
CVE-2019-3871A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when...

Top Vendors

microsoft 6265
oracle 5668
ibm 4376
apple 4342
google 4122
cisco 3820
debian 3104
adobe 2960
redhat 2611
linux 2221