Skip to main content
CVE-2019-10068 CRITICAL POC KEV THREAT Emergency

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization Xperience
NVD
CVSS 3.1
9.8
EPSS
96.0%
CVE-2019-8981 CRITICAL POC PATCH Act Now

tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Axtls
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2019-7714 CRITICAL POC Act Now

An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Integrity Rtos
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%
CVE-2019-7713 CRITICAL POC Act Now

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Integrity Rtos
NVD GitHub
CVSS 3.0
9.8
EPSS
1.9%
CVE-2019-3597 CRITICAL Act Now

Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Network Security Manager
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-10061 CRITICAL PATCH Act Now

utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Node.js Command Injection Node Opencv
NVD GitHub
CVSS 3.0
9.8
EPSS
4.2%
CVE-2019-6569 CRITICAL PATCH Act Now

The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port into the mirrored network. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Scalance X 200 Firmware Scalance X 300 Firmware Scalance Xp 200 Firmware Scalance Xc 200 Firmware +1
NVD
CVSS 3.1
9.1
EPSS
1.3%
CVE-2019-10063 CRITICAL PATCH Act Now

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Linux Flatpak
NVD GitHub
CVSS 3.0
9.0
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy