Vulnerability Trends

CVE-2019-5736runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain...
CVE-2019-0626Microsoft Windows DHCP Server CVE-2019-0626 Remote Code Execution Vulnerability
CVE-2018-8495A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This...
CVE-2019-6340Drupal Core CVE-2019-6340 Arbitrary PHP Code Execution Vulnerability
CVE-2018-20250By crafting the filename field of the ACE format, the destination folder (extraction folder) is ignored, and the relative path in the filename field b...
CVE-2019-8912In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a...
CVE-2018-4193An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows atta...
CVE-2019-3924MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defin...
CVE-2019-1003000A sandbox bypass vulnerability exists in Script Security Plugin 2.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/...
CVE-2018-1999002A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Staple...
CVE-2019-8923XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting
CVE-2019-8924XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting
CVE-2019-8925Zoho ManageEngine Netflow Analyzer Professional CReportPDFServlet directory traversal
CVE-2019-7238Insufficient access controls have been discovered in Nexus Repository Manager 3 which allow remote code execution. An unauthenticated attacker can inj...
CVE-2019-8929Zoho ManageEngine Netflow Analyzer Professional selectDevice.jsp cross-site scripting
CVE-2019-6977gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x ...
CVE-2018-5745CVE-2018-5745
CVE-2019-6465CVE-2019-6465
CVE-2018-18845Advanced Comment System 1.0 Cross Site Scripting
CVE-2018-5744CVE-2018-5744

Top Vendors

microsoft 6188
oracle 5678
ibm 4330
apple 4311
google 4108
cisco 3778
adobe 2960
debian 2522
redhat 2432
linux 2220