Skip to main content
CVE-2019-11987 HIGH This Week

A security vulnerability in HPE Smart Update Manager (SUM) prior to v8.4 could allow local unauthorized elevation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Smart Update Manager
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2019-12494 HIGH This Week

In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gardener
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-9187 HIGH This Week

ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Ikiwiki
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2019-1868 HIGH This Week

A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to access sensitive system information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Webex Meetings Server
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-5355 HIGH This Week

A remote denial of service vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intelligent Management Center
NVD
CVSS 3.0
7.5
EPSS
54.0%
CVE-2019-1861 HIGH This Week

A vulnerability in the software update feature of Cisco Industrial Network Director could allow an authenticated, remote attacker to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Industrial Network Director
NVD
CVSS 3.1
7.2
EPSS
4.4%
CVE-2019-11983 HIGH This Week

A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than. Rated high severity (CVSS 7.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Integrated Lights Out 5 Firmware Integrated Lights Out 4 Firmware
NVD
CVSS 3.0
7.0
EPSS
1.1%
CVE-2019-9755 HIGH This Week

An integer underflow issue exists in ntfs-3g 2017.3.23. Rated high severity (CVSS 7.0). No vendor patch available.

Integer Overflow RCE Buffer Overflow Ntfs 3G Enterprise Linux +4
NVD
CVSS 3.1
7.0
EPSS
0.5%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy