Skip to main content
CVE-2019-9948 CRITICAL POC PATCH THREAT Act Now

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Python Leap Debian Linux Fedora +7
NVD GitHub
CVSS 3.1
9.1
EPSS
11.8%
CVE-2019-9945 CRITICAL Act Now

SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nginx Information Disclosure Cloud
NVD
CVSS 3.0
9.8
EPSS
5.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy