Skip to main content
CVE-2019-9617 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Ofcms
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2019-9614 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ofcms
NVD
CVSS 3.0
8.8
EPSS
2.6%
CVE-2019-9612 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Ofcms
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2019-9609 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Ofcms
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2019-9608 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Ofcms
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2019-9581 HIGH POC PATCH THREAT This Week

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP File Upload Booked
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
13.5%
CVE-2019-9589 HIGH POC This Week

There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Xpdfreader
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2019-9588 HIGH POC This Week

There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Xpdfreader
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2019-9587 HIGH POC This Week

There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Xpdfreader
NVD
CVSS 3.0
7.8
EPSS
1.2%
CVE-2019-9601 HIGH POC This Week

The ApowerManager application through 3.1.7 for Android allows remote attackers to cause a denial of service via many simultaneous /?Key=PhoneRequestAuthorization requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Denial Of Service Apowermanager
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.3%
CVE-2019-9600 HIGH POC This Week

The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application through 1.32 for Android allows remote attackers to cause a denial of service via a client that makes many connection attempts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Denial Of Service Ftp Server
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.3%
CVE-2019-9599 HIGH POC THREAT This Week

The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service (service crash) via many simultaneous sdctl/comm/lite_auth/ requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Denial Of Service Airdroid
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
13.3%
CVE-2019-9590 HIGH POC This Week

An issue was discovered on TENGCONTROL T-920 PLC v5.5 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service T 920 Plc Firmware
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-9616 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Ofcms
NVD
CVSS 3.0
7.2
EPSS
2.7%
CVE-2019-9615 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ofcms
NVD
CVSS 3.0
7.2
EPSS
1.3%
CVE-2019-9613 HIGH POC This Week

An issue was discovered in OFCMS before 1.1.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Ofcms
NVD
CVSS 3.0
7.2
EPSS
2.7%
CVE-2019-1593 HIGH PATCH This Week

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-1591 HIGH PATCH This Week

A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-1585 HIGH This Week

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os Application Policy Infrastructure Controller Software
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-0200 HIGH PATCH This Week

A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apache Qpid Broker J
NVD
CVSS 3.0
7.5
EPSS
3.8%
CVE-2019-1594 HIGH PATCH This Week

A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Denial Of Service Cisco VMware Nx Os
NVD
CVSS 3.0
7.4
EPSS
0.8%
CVE-2019-1543 HIGH This Week

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

OpenSSL Information Disclosure
NVD
CVSS 3.0
7.4
EPSS
5.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy