Skip to main content
CVE-2019-6503 CRITICAL POC Act Now

There is a deserialization vulnerability in Chatopera cosin v3.10.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Deserialization Cosin
NVD GitHub
CVSS 3.0
9.8
EPSS
2.2%
CVE-2019-6260 CRITICAL PATCH Act Now

The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ast2400 Firmware Ast2500 Firmware Fas Aff Baseboard Management Controller
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2019-6339 CRITICAL PATCH Act Now

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Drupal Debian Linux
NVD
CVSS 3.0
9.8
EPSS
33.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy