Skip to main content
CVE-2019-7174 CRITICAL POC Act Now

Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Roxy Fileman
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-6140 CRITICAL Act Now

A configuration issue has been discovered in Forcepoint Email Security 8.4.x and 8.5.x: the product is left in a vulnerable state if the hybrid registration process is not completed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Email Security
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-0813 CRITICAL PATCH Act Now

An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows Admin Center
NVD
CVSS 3.0
9.8
EPSS
3.5%
CVE-2019-0786 CRITICAL PATCH Act Now

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
9.8
EPSS
7.0%
CVE-2019-9134 CRITICAL Act Now

Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Architectural Information System
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-3940 CRITICAL Act Now

Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload RCE Webaccess
NVD
CVSS 3.0
9.8
EPSS
4.1%
CVE-2019-0726 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
54.0%
CVE-2019-0698 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
62.8%
CVE-2019-0697 CRITICAL PATCH Act Now

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10 +2
NVD
CVSS 3.0
9.8
EPSS
29.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy