Skip to main content
CVE-2019-7652 HIGH POC This Week

TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Cortex Analyzers
NVD Exploit-DB
CVSS 3.0
7.7
EPSS
5.2%
CVE-2019-7181 HIGH POC This Week

Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Myqnapcloud
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
9.8%
CVE-2019-11837 HIGH POC This Week

njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-4071 HIGH This Week

IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) could allow a remote attacker to execute arbitrary commands on the system, caused by improper. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Control Tivoli Storage Productivity Center
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2019-6566 HIGH This Week

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Ge Communicator
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-6564 HIGH This Week

GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ge Communicator
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-6546 HIGH This Week

GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ge Communicator
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2019-9847 HIGH This Week

A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Apple Information Disclosure Libreoffice
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-11842 HIGH PATCH This Week

An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sydent Synapse
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-11832 HIGH PATCH This Week

TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Typo3
NVD
CVSS 3.0
7.5
EPSS
3.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy