Skip to main content
CVE-2019-13370 HIGH POC This Week

index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Ignitedcms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2019-13362 HIGH POC This Week

Codedoc v3.2 has a stack-based buffer overflow in add_variable in codedoc.c, related to codedoc_strlcpy. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Codedoc
NVD GitHub
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-1911 HIGH This Week

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Hosted Collaboration Solution
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2019-1893 HIGH This Week

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Enterprise Nfv Infrastructure Software
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-1922 HIGH This Week

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Cisco Ip Conference Phone 7832 Firmware Ip Conference Phone 8832 Firmware +10
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-1921 HIGH This Week

A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Email Security Appliance
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-1892 HIGH This Week

A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco Sf200 24 Firmware Sf200 24P Firmware +55
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-1891 HIGH This Week

A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Sf200 24 Firmware Sf200 24P Firmware Sf200 48 Firmware +54
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-1887 HIGH PATCH This Week

A vulnerability in the Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow Cisco Memory Corruption Unified Communications Manager
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-1933 HIGH This Week

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Email Security Appliance
NVD
CVSS 3.0
7.4
EPSS
1.2%
CVE-2019-1894 HIGH This Week

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Enterprise Nfv Infrastructure Software
NVD
CVSS 3.0
7.2
EPSS
3.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy