Skip to main content
CVE-2019-9958 HIGH POC This Week

CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Espressreport Enterprise Server
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2019-7232 HIGH POC PATCH THREAT This Week

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Abb Memory Corruption Pb610 Panel Builder 600 Firmware
NVD
CVSS 3.1
8.8
EPSS
52.1%
CVE-2019-7230 HIGH POC PATCH This Week

The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Abb Pb610 Panel Builder 600 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-7229 HIGH POC PATCH This Week

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. Public exploit code available.

Abb Information Disclosure Board Support Package Un31 Cp620 Firmware Cp620 Web Firmware +5
NVD
CVSS 3.1
8.3
EPSS
1.1%
CVE-2019-12323 HIGH POC This Week

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Hc10
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.8%
CVE-2019-12870 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.7%
CVE-2019-12869 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Information Disclosure Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.8%
CVE-2019-12871 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Automationworx Software Suite
NVD
CVSS 3.0
8.8
EPSS
3.7%
CVE-2019-11648 HIGH This Week

An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Self Service Password Reset
NVD
CVSS 3.0
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy