Skip to main content
CVE-2019-1674 HIGH POC THREAT This Week

A vulnerability in the update service of Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow an authenticated, local attacker to execute arbitrary commands as. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Command Injection Cisco Webex Meetings Webex Meetings Online +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
10.8%
CVE-2019-2000 HIGH POC This Week

In several functions of binder.c, there is possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Google +2
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2019-1999 HIGH POC This Week

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Google Privilege Escalation Android Debian Linux Ubuntu Linux
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-9208 HIGH POC This Week

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.9%
CVE-2019-1994 HIGH This Week

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2019-1991 HIGH This Week

In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2019-1988 HIGH This Week

In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Android
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2019-1986 HIGH This Week

In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-6555 HIGH This Week

Cscape, 9.80 SP4 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Cscape
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2019-1993 HIGH This Week

In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Integer Overflow Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-1987 HIGH PATCH This Week

In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2019-3582 HIGH This Week

Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Endpoint Security
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-6551 HIGH This Week

Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fax Ata
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2019-1997 HIGH This Week

In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2019-1992 HIGH This Week

In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use-after-free due to a race condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition RCE Google Android
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-3599 HIGH This Week

Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Agent
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-9214 HIGH This Week

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy