Skip to main content
CVE-2019-9545 HIGH POC This Week

An issue was discovered in Poppler 0.74.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Poppler
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2019-9544 HIGH POC This Week

An issue was discovered in Bento4 1.5.1-628. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Bento4
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
CVE-2019-9543 HIGH POC This Week

An issue was discovered in Poppler 0.74.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Poppler
NVD
CVSS 3.0
8.8
EPSS
3.3%
CVE-2019-9546 CRITICAL Act Now

SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Orion Platform
NVD GitHub
CVSS 3.0
9.8
EPSS
2.8%
CVE-2019-9483 CRITICAL Act Now

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ring Video Doorbell Firmware
NVD
CVSS 3.0
9.1
EPSS
0.6%
CVE-2019-9484 HIGH This Week

The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pcoweb Card Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-9482 MEDIUM PATCH This Month

In MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Misp
NVD GitHub VulDB
CVSS 3.0
5.3
EPSS
0.7%
CVE-2019-9547 MEDIUM This Month

In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Storage Performance Development Kit
NVD GitHub
CVSS 3.0
5.3
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy