Skip to main content
CVE-2019-6719 HIGH POC This Week

An issue has been found in libIEC61850 v1.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Libiec61850
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-6706 HIGH POC PATCH THREAT This Week

Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Use After Free Memory Corruption Lua Ubuntu Linux
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
17.2%
CVE-2019-6708 HIGH POC This Week

PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpshe
NVD GitHub
CVSS 3.0
7.2
EPSS
1.0%
CVE-2019-6707 HIGH POC This Week

PHPSHE 1.7 has SQL injection via the admin.php?mod=product&act=state product_id[] parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpshe
NVD GitHub
CVSS 3.0
7.2
EPSS
1.0%
CVE-2019-6691 HIGH POC This Week

phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=backup&c=backup&a=doback tabledb[] parameter, related to the "--backup database" option. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpwind
NVD GitHub
CVSS 3.0
7.2
EPSS
1.1%
CVE-2019-1641 HIGH This Week

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Cisco Webex Meetings Online +1
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2019-1640 HIGH This Week

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Cisco Webex Meetings Online +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-1639 HIGH This Week

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Cisco Webex Meetings Online +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-1638 HIGH This Week

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Cisco Webex Meetings Online +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-1637 HIGH This Week

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft RCE Cisco Webex Meetings Online +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-1636 HIGH This Week

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Command Injection Cisco Webex Teams
NVD
CVSS 3.0
7.8
EPSS
46.9%
CVE-2019-1644 HIGH This Week

A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to exhaust system resources, resulting in a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Iot Field Network Director
NVD
CVSS 3.1
7.5
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy