Skip to main content
CVE-2019-3575 HIGH POC PATCH This Week

Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Python RCE Sqla Yaml Fixtures
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-3580 HIGH POC This Week

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-3905 CRITICAL Act Now

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Zoho Manageengine Adselfservice Plus
NVD
CVSS 3.0
10.0
EPSS
3.3%
CVE-2019-3701 MEDIUM POC PATCH This Month

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Linux Memory Corruption Linux Kernel Debian Linux +1
NVD
CVSS 3.0
4.4
EPSS
0.7%
CVE-2019-5007 HIGH PATCH This Week

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Buffer Overflow Microsoft Information Disclosure Foxit Reader +1
NVD
CVSS 3.0
7.1
EPSS
1.6%
CVE-2019-5006 MEDIUM PATCH This Month

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Microsoft Foxit Reader Phantompdf
NVD
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-5005 MEDIUM PATCH This Month

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Microsoft Memory Corruption Foxit Reader +1
NVD
CVSS 3.0
5.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy