Skip to main content
CVE-2019-5018 HIGH POC This Week

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Sqlite +1
NVD
CVSS 3.1
8.1
EPSS
6.7%
CVE-2019-5675 HIGH This Week

NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Denial Of Service Microsoft Information Disclosure Gpu Driver
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-5496 HIGH This Week

Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oncommand Insight
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2019-5495 HIGH This Week

OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft VMware Information Disclosure Oncommand Unified Manager
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-5494 HIGH This Week

OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Oncommand Unified Manager
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2019-11082 HIGH PATCH This Week

core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Java Path Traversal Dkpro Core
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy