Skip to main content
CVE-2019-7234 CRITICAL POC Act Now

An issue was discovered in idreamsoft iCMS 7.0.13. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Icms
NVD GitHub
CVSS 3.0
9.1
EPSS
2.2%
CVE-2019-7233 HIGH POC This Week

In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libdoc
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-7237 HIGH POC This Week

An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Microsoft Icms
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
CVE-2019-7236 HIGH POC This Week

An issue was discovered in idreamsoft iCMS 7.0.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Icms
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
CVE-2019-7235 HIGH POC This Week

An issue was discovered in idreamsoft iCMS 7.0.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Icms
NVD GitHub
CVSS 3.0
7.5
EPSS
2.5%
CVE-2019-3912 MEDIUM POC This Month

An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Labkey Server
NVD
CVSS 3.1
6.1
EPSS
4.8%
CVE-2019-3911 MEDIUM POC This Month

Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Labkey Server
NVD
CVSS 3.1
6.1
EPSS
3.8%
CVE-2018-19440 MEDIUM POC PATCH This Month

ARM Trusted Firmware-A allows information disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trusted Firmware A
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2019-3913 MEDIUM POC This Month

Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Command Injection Labkey Server
NVD
CVSS 3.1
4.9
EPSS
1.7%
CVE-2019-0190 HIGH This Week

A bug exists in the way mod_ssl handled client renegotiations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Denial Of Service Apache Http Server Enterprise Manager Ops Center +3
NVD
CVSS 3.1
7.5
EPSS
59.9%
CVE-2019-1566 MEDIUM This Month

The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto XSS Pan Os
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-1565 MEDIUM This Month

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto XSS Pan Os
NVD
CVSS 3.0
5.4
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy