Skip to main content
CVE-2019-9087 CRITICAL POC Act Now

HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hoteldruid
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2019-9086 CRITICAL POC Act Now

HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hoteldruid
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2019-12776 CRITICAL POC Act Now

An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Datagate Mk2 Firmware Storm 24 Firmware Pixelator Firmware E Streamer Mk2 Firmware
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2019-12771 CRITICAL POC Act Now

Command injection is possible in ThinStation through 6.1.1 via shell metacharacters after the cgi-bin/CdControl.cgi action= substring, or after the cgi-bin/VolControl.cgi OK= substring. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Thinstation
NVD GitHub
CVSS 3.0
9.8
EPSS
2.8%
CVE-2019-2097 CRITICAL Act Now

In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possible memory corruption due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2019-12601 CRITICAL Act Now

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 3 of 3). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Suitecrm
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-12600 CRITICAL Act Now

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Suitecrm
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-12599 CRITICAL Act Now

SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Suitecrm
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-12598 CRITICAL Act Now

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Suitecrm
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-10160 CRITICAL PATCH Act Now

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server +10
NVD GitHub
CVSS 3.1
9.8
EPSS
5.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy