Skip to main content
CVE-2019-3822 CRITICAL POC PATCH THREAT Act Now

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Stack Overflow Libcurl Ubuntu Linux Debian Linux +13
NVD
CVSS 3.1
9.8
EPSS
12.8%
CVE-2019-3464 CRITICAL Act Now

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rssh Debian Linux Fedora Ubuntu Linux
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2019-3463 CRITICAL Act Now

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rssh Debian Linux Fedora Ubuntu Linux
NVD
CVSS 3.1
9.8
EPSS
4.9%
CVE-2019-1003015 CRITICAL PATCH Act Now

An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Java Denial Of Service Jenkins Job Import
NVD
CVSS 3.0
9.1
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy