Skip to main content
CVE-2019-9750 CRITICAL POC Act Now

In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Iotivity
NVD
CVSS 3.0
9.1
EPSS
1.3%
CVE-2019-9748 CRITICAL POC Act Now

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tinysvcmdns
NVD
CVSS 3.0
9.1
EPSS
2.4%
CVE-2019-1723 CRITICAL PATCH Act Now

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Cisco Common Services Platform Collector
NVD
CVSS 3.1
9.8
EPSS
5.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy