Skip to main content
CVE-2019-1663 CRITICAL POC THREAT Emergency

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco RCE Rv110W Firmware Rv130W Firmware +1
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
95.7%
CVE-2019-9227 CRITICAL POC Act Now

An issue was discovered in baigo CMS 2.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection PHP RCE Baigo Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
3.7%
CVE-2019-1674 HIGH POC THREAT This Week

A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Command Injection Cisco Webex Meetings Webex Meetings Online +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
10.8%
CVE-2019-2000 HIGH POC This Week

In several functions of binder.c, there is possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Google +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2019-1999 HIGH POC This Week

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Google Privilege Escalation Android Debian Linux Ubuntu Linux
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-9208 HIGH POC This Week

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.9%
CVE-2019-9226 MEDIUM POC This Month

An issue was discovered in baigo CMS 2.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Baigo Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-9215 CRITICAL Act Now

In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Streaming Media Backports Sle Leap Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2019-9209 MEDIUM POC This Month

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Wireshark Debian Linux Ubuntu Linux Leap
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2019-1994 HIGH This Week

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2019-1991 HIGH This Week

In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2019-1988 HIGH This Week

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Android
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2019-1986 HIGH This Week

In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-6555 HIGH This Week

Cscape, 9.80 SP4 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Cscape
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2019-1993 HIGH This Week

In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-1987 HIGH PATCH This Week

In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2019-3582 HIGH This Week

Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Endpoint Security
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-6551 HIGH This Week

Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fax Ata
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2019-1997 HIGH This Week

In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2019-1992 HIGH This Week

In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Google Android
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-3599 HIGH This Week

Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Agent
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-9214 HIGH This Week

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-1996 MEDIUM This Month

In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-6547 MEDIUM PATCH This Month

Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Screeneditor
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2019-2001 MEDIUM This Month

The permissions on /proc/iomem were world-readable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2019-1998 MEDIUM This Month

In event_handler of keymaster_app.c, there is possible resource exhaustion due to a table being lost on reboot. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2019-1995 MEDIUM This Month

In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2019-3598 MEDIUM This Month

Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specifically crafted UDP packets. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Agent
NVD
CVSS 3.0
5.3
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy