Skip to main content
CVE-2019-12327 CRITICAL POC Act Now

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Sp R50P Firmware
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2019-13096 CRITICAL POC Act Now

TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wallet
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2019-12326 CRITICAL POC Act Now

Missing file and path validation in the ringtone upload function of the Akuvox R50P VoIP phone 50.0.6.156 allows an attacker to upload a manipulated ringtone file, with an executable payload (shell. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Sp R50P Firmware
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-1010228 CRITICAL POC Act Now

OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow RCE Memory Corruption Dcmtk +1
NVD
CVSS 3.1
9.8
EPSS
7.6%
CVE-2019-1010234 CRITICAL POC Act Now

The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Open Network Operating System
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-2287 CRITICAL PATCH Act Now

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Mdm9150 Firmware Mdm9206 Firmware +40
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2019-2279 CRITICAL PATCH Act Now

Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Mdm9150 Firmware Mdm9607 Firmware +36
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2019-2269 CRITICAL PATCH Act Now

Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Qualcomm Mdm9150 Firmware Mdm9650 Firmware Msm8996au Firmware +21
NVD
CVSS 3.0
9.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy