Skip to main content
CVE-2019-5747 HIGH POC PATCH This Week

An issue was discovered in BusyBox through 1.30.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Busybox Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2019-5882 CRITICAL PATCH Act Now

Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free Memory Corruption Irssi Ubuntu Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-5748 CRITICAL PATCH Act Now

In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Java Server
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-0542 HIGH PATCH This Week

A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Xterm Js Openshift Container Platform
NVD GitHub
CVSS 3.1
8.8
EPSS
3.2%
CVE-2019-3581 HIGH This Week

Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mcafee Web Gateway
NVD
CVSS 3.0
7.5
EPSS
2.3%
CVE-2019-3498 MEDIUM PATCH This Month

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Django Debian Linux Ubuntu Linux +1
NVD
CVSS 3.0
6.5
EPSS
3.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy