Skip to main content
CVE-2019-7258 HIGH POC THREAT This Week

Linear eMerge E3-Series devices allow Privilege Escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation Linear Emerge Essential Firmware Linear Emerge Elite Firmware
NVD
CVSS 3.1
8.8
EPSS
19.6%
CVE-2019-7262 HIGH POC THREAT This Week

Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Linear Emerge Essential Firmware Linear Emerge Elite Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
16.3%
CVE-2019-7259 HIGH POC THREAT This Week

Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Linear Emerge Essential Firmware Linear Emerge Elite Firmware
NVD
CVSS 3.1
8.8
EPSS
13.2%
CVE-2019-13056 HIGH POC This Week

An issue was discovered in CyberPanel through 1.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Cyberpanel
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2019-13155 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13154 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13153 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13152 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13151 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13150 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13149 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13148 HIGH POC This Week

An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tew 827Dru Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2019-13178 HIGH POC This Week

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Calamares
NVD GitHub
CVSS 3.0
8.1
EPSS
1.7%
CVE-2019-13179 HIGH POC This Week

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Calamares
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2019-7254 HIGH POC THREAT This Week

Linear eMerge E3-Series devices allow File Inclusion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Linear Emerge Essential Firmware Linear Emerge Elite Firmware
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
82.0%
CVE-2019-7270 HIGH This Week

Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Linear Emerge 50P Firmware Linear Emerge 5000P Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2019-4292 HIGH PATCH This Week

IBM Security Guardium 10.5 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload IBM RCE Security Guardium
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-5443 HIGH PATCH This Week

A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine"). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection OpenSSL RCE Curl Enterprise Manager Ops Center +7
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-4088 HIGH This Week

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Operations Center
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-6623 HIGH This Week

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, undisclosed traffic sent to BIG-IP iSession virtual server may cause the Traffic Management Microkernel (TMM) to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +9
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-6624 HIGH This Week

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, an undisclosed traffic pattern sent to a BIG-IP UDP virtual server may lead to a denial-of-service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +9
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-5599 HIGH PATCH This Week

In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Freebsd
NVD GitHub
CVSS 3.0
7.5
EPSS
5.2%
CVE-2019-13173 HIGH PATCH This Week

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Fstream
NVD GitHub
CVSS 3.0
7.5
EPSS
2.4%
CVE-2019-6622 HIGH This Week

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, an undisclosed iControl REST worker is vulnerable to command injection by an administrator or resource. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +9
NVD
CVSS 3.0
7.2
EPSS
1.8%
CVE-2019-6621 HIGH This Week

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 and BIG-IQ 7.0.0-7.1.0.2, 6.0.0-6.1.0, and 5.1.0-5.4.0, an undisclosed iControl REST. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +10
NVD
CVSS 3.0
7.2
EPSS
2.0%
CVE-2019-6620 HIGH This Week

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4 and BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, an undisclosed iControl REST worker vulnerable to command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Application Acceleration Manager Big Ip Link Controller +10
NVD
CVSS 3.0
7.2
EPSS
1.8%
CVE-2019-4140 HIGH PATCH This Week

IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Spectrum Protect
NVD
CVSS 3.1
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy