Skip to main content
CVE-2019-6128 HIGH POC PATCH This Week

The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Libtiff Ubuntu Linux Leap Debian Linux
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2019-6138 HIGH POC This Week

An issue has been found in libIEC61850 v1.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libiec61850
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6137 HIGH POC This Week

An issue was discovered in lib60870 2.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Lib60870
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6136 HIGH POC This Week

An issue has been found in libIEC61850 v1.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libiec61850
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6135 HIGH POC This Week

An issue has been found in libIEC61850 v1.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libiec61850
NVD GitHub
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-6132 HIGH POC This Week

An issue was discovered in Bento4 v1.5.1-627. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6127 HIGH POC This Week

An issue was discovered in XiaoCms 20141229. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE PHP Xiaocms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.5%
CVE-2019-6129 MEDIUM POC This Month

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libpng
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2019-6131 MEDIUM POC This Month

svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mupdf
NVD
CVSS 3.0
5.5
EPSS
1.5%
CVE-2019-6130 MEDIUM POC This Month

Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mupdf
NVD
CVSS 3.0
5.5
EPSS
1.6%
CVE-2019-6126 HIGH This Week

The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Advance Peer To Peer Mlm Script
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-6133 MEDIUM PATCH This Month

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. Rated medium severity (CVSS 6.7).

Authentication Bypass Race Condition Polkit Debian Linux Enterprise Linux Desktop +6
NVD
CVSS 3.0
6.7
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy