Vulnerability Trends

CVE-2019-2647: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affe...
CVE-2018-5743: bind9 vulnerability
CVE-2019-0232: When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 ...
CVE-2019-6467: CVE-2019-6467
CVE-2019-5624: Rubyzip RCE affects Metasploit
CVE-2019-0726: A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows ...
CVE-2019-8507: OS X update for QuartzCore (CVE-2019-8507)
CVE-2018-20434: LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during...
CVE-2019-6468: ISC BIND nxdomain-redirect feature denial of service
CVE-2019-3799: CVE-2019-3799
CVE-2018-11976: Android Security Bulletin—April 2019
CVE-2019-9978: The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as explo...
CVE-2017-10271: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected a...
CVE-2017-0147: The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Wind...
CVE-2019-3396: The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the f...
CVE-2019-0859: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation ...
CVE-2019-11458: CakePHP vulnerability affects applications that open serialized content from user input. When doing so the SmtpTransport can be used to overwrite any ...
CVE-2018-20823: The gyroscope on Xiaomi Mi 5s devices allows attackers to cause a denial of service (resonance and false data) via a 20.4 kHz audio signal, aka a MEMS...
CVE-2018-20250: In WinRAR versions prior to and including 5.61, there is a path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.d...
CVE-2017-18367: libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restricti...

Top Vendors

microsoft 6400
oracle 5841
apple 4503
ibm 4416
google 4137
cisco 3875
debian 3276
adobe 2960
redhat 2727
linux 2237