Skip to main content
CVE-2019-5436 HIGH POC PATCH THREAT Act Now

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Heap Overflow Buffer Overflow RCE Libcurl Leap +9
NVD VulDB
CVSS 3.1
7.8
EPSS
13.3%
CVE-2019-5440 HIGH POC This Week

Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver < v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Revive Adserver
NVD
CVSS 3.0
8.1
EPSS
1.6%
CVE-2019-12372 HIGH POC This Week

Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via the User ID parameter to the login form. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ptransformer Adc
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-10967 HIGH This Week

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Ovation Ocr400 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.8%
CVE-2019-10965 HIGH This Week

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Ovation Ocr400 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-7394 HIGH This Week

A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Risk Authentication Strong Authentication
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2019-5589 HIGH This Week

An Unsafe Search Path vulnerability in FortiClient Online Installer (Windows version before 6.0.6) may allow an unauthenticated, remote attacker with control over the directory in which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Fortinet Microsoft RCE Forticlient
NVD
CVSS 3.0
7.8
EPSS
2.6%
CVE-2019-0188 HIGH PATCH This Week

Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Camel Enterprise Data Quality Enterprise Manager Base Platform +2
NVD GitHub
CVSS 3.1
7.5
EPSS
8.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy