Skip to main content
CVE-2019-12990 CRITICAL POC THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Citrix Netscaler Sd Wan Sd Wan
NVD
CVSS 3.0
9.8
EPSS
39.3%
CVE-2019-12989 CRITICAL POC KEV THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Citrix Netscaler Sd Wan Sd Wan
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
94.0%
CVE-2019-12988 CRITICAL POC THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 4 of 6). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Command Injection Netscaler Sd Wan Sd Wan
NVD
CVSS 3.0
9.8
EPSS
39.5%
CVE-2019-12987 CRITICAL POC THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 3 of 6). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Command Injection Netscaler Sd Wan Sd Wan
NVD
CVSS 3.0
9.8
EPSS
42.6%
CVE-2019-12986 CRITICAL POC THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 2 of 6). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Command Injection Netscaler Sd Wan Sd Wan
NVD
CVSS 3.0
9.8
EPSS
39.5%
CVE-2019-12985 CRITICAL POC THREAT Act Now

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation (issue 1 of 6). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Citrix Command Injection Netscaler Sd Wan Sd Wan
NVD
CVSS 3.0
9.8
EPSS
39.5%
CVE-2019-13360 CRITICAL POC THREAT Act Now

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Webpanel
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
24.4%
CVE-2019-1010292 CRITICAL PATCH Act Now

Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Op Tee
NVD GitHub VulDB
CVSS 3.0
9.8
EPSS
0.4%
CVE-2019-1010043 CRITICAL PATCH Act Now

Quake3e < 5ed740d is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Denial Of Service Buffer Overflow RCE Memory Corruption Quake3E
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-1010062 CRITICAL PATCH Act Now

PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

PHP File Upload Pluckcms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2019-1010060 CRITICAL Act Now

NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cfitsio
NVD GitHub
CVSS 3.0
9.8
EPSS
7.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy