Skip to main content
CVE-2019-9760 CRITICAL POC THREAT Emergency

FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-controlled machine that sends crafted responses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Ftpgetter
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
53.1%
CVE-2019-9762 CRITICAL POC Act Now

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Phpshe
NVD
CVSS 3.0
9.8
EPSS
5.1%
CVE-2019-9775 CRITICAL POC Act Now

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
9.1
EPSS
3.0%
CVE-2019-9774 CRITICAL POC Act Now

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
9.1
EPSS
3.0%
CVE-2019-9787 HIGH POC PATCH THREAT This Week

WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS WordPress RCE CSRF
NVD GitHub
CVSS 3.0
8.8
EPSS
43.8%
CVE-2019-9769 HIGH POC This Week

PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Piluscart
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.3%
CVE-2019-9785 HIGH POC This Week

gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as demonstrated by a javascript:window.parent.top.require('child_process').execFile substring in the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Gitnote
NVD GitHub
CVSS 3.0
7.8
EPSS
4.2%
CVE-2019-9767 HIGH POC This Week

Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Free Mp3 Cd Ripper
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
8.0%
CVE-2019-9766 HIGH POC This Week

Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Free Mp3 Cd Ripper
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
8.0%
CVE-2019-9779 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9778 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9777 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9776 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9773 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.9%
CVE-2019-9772 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9771 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-9770 HIGH POC This Week

An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.9%
CVE-2019-9768 HIGH POC THREAT This Week

Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Canarytokens
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
11.7%
CVE-2019-9761 HIGH POC This Week

An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE PHP Phpshe
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-9765 MEDIUM POC This Month

In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blog Mini
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-9825 CRITICAL Act Now

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Feifeicms
NVD GitHub
CVSS 3.0
9.8
EPSS
2.2%
CVE-2019-4034 HIGH This Week

IBM Content Navigator 3.0CD is could allow an attacker to execute arbitrary code on a user's workstation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Content Navigator
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2019-0135 HIGH This Week

Improper permissions in the installer for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Rapid Storage Technology Enterprise Thinkstation P520 Firmware Thinkstation P520C Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-0129 HIGH This Week

Improper permissions for Intel(R) USB 3.0 Creator Utility all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Usb 3 0 Creator Utility
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-0121 HIGH This Week

Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Matrix Storage Manager
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-3833 HIGH This Week

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openwsman Fedora Leap
NVD
CVSS 3.1
7.5
EPSS
15.2%
CVE-2019-3816 HIGH This Week

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Openwsman Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus +7
NVD
CVSS 3.1
7.5
EPSS
14.7%
CVE-2019-0122 HIGH This Week

Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Information Disclosure Intel Software Guard Extensions Sdk
NVD
CVSS 3.0
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy