Skip to main content
CVE-2019-9082 HIGH POC KEV THREAT Act Now

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Thinkphp Open Source Background Management System Zzzphp
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
97.4%
CVE-2019-8375 CRITICAL POC PATCH THREAT Act Now

The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Apple Webkitgtk Leap +1
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
16.1%
CVE-2019-9077 HIGH POC PATCH This Week

An issue was discovered in GNU Binutils 2.32. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Binutils Element Software Ubuntu Linux +1
NVD
CVSS 3.1
7.8
EPSS
2.0%
CVE-2019-9075 HIGH POC PATCH This Week

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Binutils Hci Management Node Solidfire +15
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2019-9070 HIGH POC PATCH This Week

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Binutils Element Software Management Ubuntu Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2019-9076 MEDIUM POC PATCH This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Binutils Element Software Management
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-9074 MEDIUM POC PATCH This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Binutils Hci Management Node Solidfire +1
NVD
CVSS 3.1
5.5
EPSS
1.6%
CVE-2019-9073 MEDIUM POC PATCH This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Binutils Hci Management Node Solidfire Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2019-9072 MEDIUM POC PATCH This Month

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Binutils Hci Management Node Solidfire
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2019-9071 MEDIUM POC PATCH This Month

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Binutils Hci Management Node Solidfire Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2019-9078 MEDIUM POC This Month

zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Zzcms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy