Skip to main content
CVE-2019-12099 HIGH POC PATCH THREAT This Week

In PHP-Fusion 9.03.00, edit_profile.php allows remote authenticated users to execute arbitrary code because includes/dynamics/includes/form_fileinput.php and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP File Upload RCE Php Fusion
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
17.5%
CVE-2019-11328 HIGH POC PATCH This Week

An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Singularity Fedora Backports Leap
NVD GitHub
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-9861 HIGH POC This Week

Due to the use of an insecure RFID technology (MIFARE Classic), ABUS proximity chip keys (RFID tokens) of the ABUS Secvest FUAA50000 wireless alarm system can easily be cloned and used to deactivate. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Secvest Wireless Alarm System Fuaa50000 Firmware
NVD
CVSS 3.0
8.1
EPSS
1.6%
CVE-2019-11336 HIGH POC This Week

Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Photo Sharing Plus
NVD
CVSS 3.0
8.1
EPSS
3.2%
CVE-2019-10921 HIGH POC This Week

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Logo 8 Bm Firmware
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2019-0301 HIGH This Week

Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Identity Management
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2019-0280 HIGH This Week

SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and 8.0; S4CORE 1.01, 1.02 and 1.03), does not perform necessary authorization checks for authorization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Treasury And Risk Management
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2019-11204 HIGH This Week

The web interface component of TIBCO Software Inc.'s TIBCO Spotfire Statistics Services contains a vulnerability that might theoretically allow an authenticated user to access sensitive information. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Spotfire Statistics Services
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2019-10918 HIGH This Week

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Simatic Pcs 7 Simatic Wincc Simatic Wincc Tia Portal Simatic Wincc Runtime Professional
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2019-10916 HIGH This Week

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Simatic Pcs 7 Simatic Wincc Simatic Wincc Tia Portal Simatic Wincc Runtime Professional
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-8978 HIGH This Week

An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Denial Of Service Banner Enterprise Identity Services Banner Web Tailor
NVD
CVSS 3.0
8.1
EPSS
5.9%
CVE-2019-10924 HIGH This Week

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Logo Soft Comfort
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-0287 HIGH This Week

Under certain conditions SAP BusinessObjects Business Intelligence platform (Central Management Server), versions 4.2 and 4.3, allows an attacker to access information which would otherwise be. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Businessobjects
NVD
CVSS 3.0
7.6
EPSS
1.7%
CVE-2019-6578 HIGH This Week

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G28), SINAMICS PERFECT HARMONY GH180 with NXG. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr2 Firmware Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr3 Firmware Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr4 Firmware Sinamics Perfect Harmony Gh180 With Nxg Ii Control Mlfb 6Sr2 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2019-6574 HIGH This Week

A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 with NXG I control, MLFBs: 6SR2...-, 6SR3...-, 6SR4...- (All Versions with option G21, G22, G23, G26, G28, G31, G32, G38, G43 or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr2 Firmware Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr3 Firmware Sinamics Perfect Harmony Gh180 With Nxg I Control Mlfb 6Sr4 Firmware Sinamics Perfect Harmony Gh180 With Nxg Ii Control Mlfb 6Sr2 Firmware +2
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-10920 HIGH This Week

A vulnerability has been identified in LOGO!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Logo 8 Bm Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-0289 HIGH This Week

Under certain conditions SAP BusinessObjects Business Intelligence platform (Analysis for OLAP), versions 4.2 and 4.3, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Businessobjects
NVD
CVSS 3.0
7.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy