Skip to main content
CVE-2019-7297 CRITICAL POC THREAT Act Now

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
12.5%
CVE-2019-7249 CRITICAL POC Act Now

In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Information Disclosure Keybase
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-7216 HIGH POC This Week

An issue was discovered in FileChucker 4.99e-free-e02. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Filechucker
NVD GitHub
CVSS 3.0
7.8
EPSS
2.0%
CVE-2019-7283 HIGH POC This Week

An issue was discovered in rcp in NetKit through 0.17. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Netkit Debian Linux
NVD
CVSS 3.1
7.4
EPSS
2.0%
CVE-2019-6110 MEDIUM POC PATCH THREAT This Month

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SSH RCE Openssh Winscp Element Software +4
NVD Exploit-DB
CVSS 3.1
6.8
EPSS
20.9%
CVE-2019-7296 MEDIUM POC This Month

typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Typora
NVD GitHub
CVSS 3.0
6.1
EPSS
1.7%
CVE-2019-7295 MEDIUM POC This Month

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Typora
NVD GitHub
CVSS 3.0
6.1
EPSS
1.7%
CVE-2019-7250 MEDIUM POC This Month

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Google Cross Reference
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-7282 MEDIUM POC This Month

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Netkit Debian Linux Fedora
NVD
CVSS 3.1
5.9
EPSS
2.1%
CVE-2019-6111 MEDIUM POC PATCH THREAT This Month

An issue was discovered in OpenSSH 7.9. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SSH Path Traversal Openssh Winscp Ubuntu Linux +16
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
58.2%
CVE-2019-6438 CRITICAL Act Now

SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Slurm Leap
NVD
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-6109 MEDIUM PATCH This Month

An issue was discovered in OpenSSH 7.9. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

SSH Information Disclosure Openssh Winscp Ubuntu Linux +17
NVD VulDB
CVSS 3.1
6.8
EPSS
9.7%
CVE-2019-4040 MEDIUM This Month

IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM
NVD
CVSS 3.1
6.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy