Skip to main content
CVE-2019-11640 HIGH POC This Week

An issue was discovered in GNU recutils 1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Recutils
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
CVE-2019-11639 HIGH POC This Week

An issue was discovered in GNU recutils 1.8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Recutils
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
CVE-2019-11632 HIGH POC This Week

In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Octopus Deploy Octopus Server
NVD GitHub
CVSS 3.0
8.1
EPSS
1.2%
CVE-2019-0227 HIGH POC PATCH THREAT This Week

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. Public exploit code available.

SSRF Apache Axis Agile Engineering Data Management Agile Product Lifecycle Management +34
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
86.5%
CVE-2019-10954 HIGH This Week

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Compactlogix 5370 L1 Firmware Compactlogix 5370 L2 Firmware Compactlogix 5370 L3 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
6.1%
CVE-2019-11641 HIGH This Week

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Agave
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-11636 HIGH This Week

Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zcash
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
CVE-2019-11633 HIGH This Week

HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure Honeypress
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy