Skip to main content
CVE-2019-11682 CRITICAL POC Act Now

A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Mailcarrier
NVD
CVSS 3.0
9.8
EPSS
3.2%
CVE-2018-16988 CRITICAL Act Now

An issue was discovered in Open XDMoD through 7.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Authentication Bypass Open Xdmod
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2019-11683 CRITICAL PATCH Act Now

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Linux Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
9.8
EPSS
7.1%
CVE-2019-11678 CRITICAL Act Now

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Zoho Manageengine Firewall Analyzer
NVD
CVSS 3.0
9.8
EPSS
9.5%
CVE-2019-11677 CRITICAL Act Now

The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Zoho Manageengine Firewall Analyzer
NVD
CVSS 3.0
9.8
EPSS
9.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy