Skip to main content
CVE-2019-10149 CRITICAL POC KEV PATCH THREAT Act Now

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Exim Ubuntu Linux Debian Linux
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
100.0%
CVE-2019-8385 CRITICAL POC THREAT Act Now

An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.358. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Path Traversal RCE Concourse Matter Room Firm Central Desktop
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
19.6%
CVE-2019-12553 CRITICAL POC Act Now

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption 010 Editor
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2019-7671 CRITICAL POC Act Now

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Flexair
NVD Exploit-DB
CVSS 3.1
9.0
EPSS
8.3%
CVE-2019-9548 CRITICAL Act Now

Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33 has Incorrect Access Control. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Citrix Information Disclosure Application Delivery Management
NVD
CVSS 3.0
10.0
EPSS
1.5%
CVE-2019-12196 CRITICAL Act Now

A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Zoho Manageengine Netflow Analyzer
NVD
CVSS 3.0
9.8
EPSS
69.1%
CVE-2019-11988 CRITICAL Act Now

A Remote Unauthorized Access vulnerability was identified in HPE Smart Update Manager (SUM) earlier than version 8.3.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Smart Update Manager
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-9642 CRITICAL PATCH Act Now

An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP Path Traversal Pydio
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2019-11949 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
8.1%
CVE-2019-5391 CRITICAL Act Now

A stack buffer overflow vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2019-5390 CRITICAL Act Now

A remote command injection vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-5387 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
8.1%
CVE-2019-5367 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
8.0%
CVE-2019-5358 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
8.1%
CVE-2019-5356 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
10.9%
CVE-2019-5352 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
8.1%
CVE-2019-5347 CRITICAL Act Now

A remote authentication bypass vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
5.4%
CVE-2019-11945 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
78.6%
CVE-2019-11944 CRITICAL Act Now

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Intelligent Management Center
NVD
CVSS 3.0
9.8
EPSS
13.3%
CVE-2019-11768 CRITICAL PATCH Act Now

An issue was discovered in phpMyAdmin before 4.9.0.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Phpmyadmin
NVD
CVSS 3.0
9.8
EPSS
4.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy