Skip to main content
CVE-2019-3575 HIGH POC PATCH This Week

Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Python RCE Sqla Yaml Fixtures
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-3580 HIGH POC This Week

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Openrefine
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-5007 HIGH PATCH This Week

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Buffer Overflow Microsoft Information Disclosure Foxit Reader +1
NVD
CVSS 3.0
7.1
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy