Skip to main content
CVE-2019-6991 CRITICAL POC PATCH Act Now

A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Zoneminder
NVD GitHub
CVSS 3.0
9.8
EPSS
3.3%
CVE-2019-6986 HIGH POC PATCH This Week

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Command Injection Vitro
NVD GitHub
CVSS 3.0
7.5
EPSS
3.0%
CVE-2019-6988 MEDIUM POC This Month

An issue was discovered in OpenJPEG 2.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Openjpeg
NVD GitHub
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-6992 MEDIUM POC PATCH This Month

A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Zoneminder
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-6979 MEDIUM POC PATCH This Month

An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Ip History Logs
NVD Exploit-DB GitHub
CVSS 3.0
6.1
EPSS
2.1%
CVE-2019-6978 CRITICAL PATCH Act Now

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Libgd Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-6990 MEDIUM POC PATCH This Month

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS PHP Zoneminder
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-6985 HIGH This Week

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 3D
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2019-3462 HIGH PATCH This Week

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Advanced Package Tool Ubuntu Linux Debian Linux Active Iq +1
NVD
CVSS 3.1
8.1
EPSS
14.6%
CVE-2019-3593 HIGH This Week

Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Total Protection
NVD
CVSS 3.0
7.1
EPSS
0.3%
CVE-2019-6984 MEDIUM This Month

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free Memory Corruption 3D
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2019-6983 MEDIUM This Month

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow 3D
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2019-6982 MEDIUM This Month

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption 3D
NVD
CVSS 3.0
5.5
EPSS
2.5%
CVE-2019-3815 LOW Monitor

A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Red Hat Openshift Container Platform Enterprise Linux Desktop Enterprise Linux Server +4
NVD
CVSS 3.1
3.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy