Skip to main content
CVE-2019-7669 HIGH POC THREAT This Week

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Flexair
NVD
CVSS 3.1
8.8
EPSS
31.4%
CVE-2019-7666 HIGH POC THREAT This Week

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Flexair
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
14.8%
CVE-2019-13024 HIGH POC THREAT This Week

Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Centreon
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
32.2%
CVE-2019-12826 HIGH POC This Week

A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php in the 2by2host Widget Logic plugin before 5.10.2 for WordPress allows remote attackers to execute PHP code via snippets (that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP WordPress CSRF Widget Logic
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2019-13128 HIGH POC This Week

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 823G Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
7.7%
CVE-2019-13136 HIGH POC PATCH This Week

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Imagemagick
NVD GitHub
CVSS 3.0
7.8
EPSS
1.5%
CVE-2019-13125 HIGH POC This Week

HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evade dynamic malware analysis via PIE compilation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Habomalhunter
NVD GitHub
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-13129 HIGH POC This Week

On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cx2L Mwr04L Firmware
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-7670 HIGH POC THREAT This Week

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Flexair
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
18.3%
CVE-2019-7273 HIGH POC This Week

Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Enterprise Proton
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
4.5%
CVE-2019-6642 HIGH This Week

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +12
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-13135 HIGH PATCH This Week

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Imagemagick Debian Linux Ubuntu Linux Big Ip Application Acceleration Manager +1
NVD GitHub
CVSS 3.1
8.8
EPSS
3.3%
CVE-2019-7281 HIGH This Week

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Flexair
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-7280 HIGH This Week

Prima Systems FlexAir, Versions 2.3.38 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Flexair
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2019-9703 HIGH This Week

Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Endpoint Encryption
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-9702 HIGH This Week

Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Endpoint Encryption
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-4322 HIGH PATCH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow IBM Microsoft RCE Db2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-4154 HIGH PATCH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow IBM Microsoft RCE Db2
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-7279 HIGH This Week

Optergy Proton/Enterprise devices have Hard-coded Credentials. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Enterprise Proton
NVD
CVSS 3.0
7.3
EPSS
1.8%
CVE-2019-4298 HIGH PATCH This Week

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

PostgreSQL IBM Information Disclosure Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy