v.26.4.2314

Critical Severity Vulnerabilities

Found 1593 vulnerabilities at Critical severity.

Vulnerability Name

CVE

CWE

Severity

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)

CVE-2019-14540

CWE-502

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)

CVE-2019-14540

CWE-502

Critical

Moodle CVE-2019-14880 Vulnerability (CVE-2019-14880)

CVE-2019-14880

-

Critical

Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2019-14887)

CVE-2019-14887

CWE-326

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14892)

CVE-2019-14892

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)

CVE-2019-14893

CWE-502

Critical

MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)

CVE-2019-14893

CWE-502

Critical

Craft CMS Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-15929)

CVE-2019-15929

CWE-640

Critical

ATutor Incorrect Authorization Vulnerability (CVE-2019-16114)

CVE-2019-16114

CWE-863

Critical

LimeSurvey Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2019-16184)

CVE-2019-16184

CWE-1236

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)

CVE-2019-16335

CWE-502

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)

CVE-2019-16335

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

CVE-2019-16942

CWE-502

Critical

Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

CVE-2019-16942

CWE-502

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

CVE-2019-16942

CWE-502

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)

CVE-2019-16943

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)

CVE-2019-16943

CWE-502

Critical

WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-17195)

CVE-2019-17195

CWE-754

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)

CVE-2019-17267

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17267)

CVE-2019-17267

CWE-502

Critical

Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)

CVE-2019-17444

CWE-521

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)

CVE-2019-17531

CWE-502

Critical

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)

CVE-2019-17531

CWE-502

Critical

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17559)

CVE-2019-17559

CWE-444

Critical

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-17565)

CVE-2019-17565

CWE-444

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17571)

CVE-2019-17571

CWE-502

Critical

WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17669)

CVE-2019-17669

CWE-918

Critical

WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17670)

CVE-2019-17670

CWE-918

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-18622)

CVE-2019-18622

CWE-138

Critical

Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2019-18801)

CVE-2019-18801

CWE-787

Critical

Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802)

CVE-2019-18802

-

Critical

Telerik Web UI Deserialization of Untrusted Data Vulnerability (CVE-2019-18935)

CVE-2019-18935

CWE-502

Critical

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19212)

CVE-2019-19212

CWE-707

Critical

Sqlite Incorrect Conversion between Numeric Types Vulnerability (CVE-2019-19317)

CVE-2019-19317

CWE-681

Critical

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19594)

CVE-2019-19594

CWE-434

Critical

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19595)

CVE-2019-19595

CWE-434

Critical

phpMyAdmin CVE-2019-19617 Vulnerability (CVE-2019-19617)

CVE-2019-19617

-

Critical

Sqlite Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-19646)

CVE-2019-19646

CWE-754

Critical

Django Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2019-19844)

CVE-2019-19844

CWE-640

Critical

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19846)

CVE-2019-19846

CWE-138

Critical

Handlebars Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-19919)

CVE-2019-19919

CWE-138

Critical

WordPress Improper Input Validation Vulnerability (CVE-2019-20041)

CVE-2019-20041

CWE-20

Critical

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-20330)

CVE-2019-20330

CWE-502

Critical

Atlassian Jira Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-20409)

CVE-2019-20409

CWE-138

Critical

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20444)

CVE-2019-20444

CWE-444

Critical

Jboss EAP Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2019-20445)

CVE-2019-20445

CWE-444

Critical

Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)

CVE-2019-20800

CWE-787

Critical

LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25019)

CVE-2019-25019

CWE-138

Critical

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-25710)

CVE-2019-25710

CWE-138

Critical

Oracle Database Server CVE-2019-2517 Vulnerability (CVE-2019-2517)

CVE-2019-2517

-

Critical

WebLogic CVE-2019-2645 Vulnerability (CVE-2019-2645)

CVE-2019-2645

-

Critical

WebLogic CVE-2019-2646 Vulnerability (CVE-2019-2646)

CVE-2019-2646

-

Critical

WebLogic CVE-2019-2658 Vulnerability (CVE-2019-2658)

CVE-2019-2658

-

Critical

WebLogic Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-2725)

CVE-2019-2725

CWE-138

Critical

WebLogic Improper Access Control Vulnerability (CVE-2019-2729)

CVE-2019-2729

CWE-284

Critical

WebLogic CVE-2019-2856 Vulnerability (CVE-2019-2856)

CVE-2019-2856

-

Critical

Atlassian Confluence Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3395)

CVE-2019-3395

CWE-918

Critical

Atlassian Confluence Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-3396)

CVE-2019-3396

CWE-22

Critical

Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-3809)

CVE-2019-3809

CWE-918

Critical

Oracle HTTP Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-3822)

CVE-2019-3822

CWE-119

Critical

Jboss EAP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3873)

CVE-2019-3873

CWE-707

Critical

Undertow Insertion of Sensitive Information into Log File Vulnerability (CVE-2019-3888)

CVE-2019-3888

CWE-532

Critical

Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)

CVE-2019-5420

CWE-20

Critical

Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-5482)

CVE-2019-5482

CWE-787

Critical

silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5715)

CVE-2019-5715

CWE-138

Critical

Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)

CVE-2019-5720

CWE-138

Critical

Drupal Improper Input Validation Vulnerability (CVE-2019-6339)

CVE-2019-6339

CWE-20

Critical

Drupal Improper Input Validation Vulnerability (CVE-2019-6342)

CVE-2019-6342

CWE-20

Critical

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-6798)

CVE-2019-6798

CWE-138

Critical

Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7139)

CVE-2019-7139

CWE-138

Critical

Nexus Repository Manager CVE-2019-7238 Vulnerability (CVE-2019-7238)

CVE-2019-7238

-

Critical

Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-7743)

CVE-2019-7743

CWE-502

Critical

Magento CVE-2019-8121 Vulnerability (CVE-2019-8121)

CVE-2019-8121

-

Critical

Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8135)

CVE-2019-8135

CWE-138

Critical

Magento CVE-2019-8136 Vulnerability (CVE-2019-8136)

CVE-2019-8136

-

Critical