Skip to main content
CVE-2019-1010178 CRITICAL POC Act Now

Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Fred
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2019-1010177 CRITICAL POC Act Now

Jsish 2.4.70 2.047 is affected by: Use After Free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Jsish
NVD
CVSS 3.0
9.8
EPSS
2.1%
CVE-2019-1010180 HIGH POC This Week

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Information Disclosure Gdb Leap
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2019-1010163 HIGH POC This Week

Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overflow - Local shell-code execution and Denial of Service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow RCE Memory Corruption +1
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.7%
CVE-2019-1010193 MEDIUM POC This Month

hisiphp 1.0.8 is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hisiphp
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-1010191 CRITICAL PATCH Act Now

marginalia < 1.6 is affected by: SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Marginalia
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-1010179 CRITICAL Act Now

PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affected by: Improper Neutralization of Special Elements used in a Command ('Command Injection'). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Phkp
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-14250 MEDIUM POC This Month

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils Ubuntu Linux Leap
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2019-14248 MEDIUM POC This Month

In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Netwide Assembler
NVD
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-14247 MEDIUM POC This Month

The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Mpg321
NVD
CVSS 3.0
5.5
EPSS
1.4%
CVE-2019-3622 HIGH This Week

Files or Directories Accessible to External Parties in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Microsoft Information Disclosure Data Loss Prevention Endpoint
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2019-10982 HIGH PATCH This Week

Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Heap Overflow RCE Cnssoft Screeneditor
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-3595 MEDIUM This Month

Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Command Injection Data Loss Prevention Endpoint
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2019-14249 MEDIUM PATCH This Month

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Libdwarf
NVD
CVSS 3.0
6.5
EPSS
2.7%
CVE-2019-3485 MEDIUM This Month

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-3591 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Data Loss Prevention Endpoint
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-10992 MEDIUM PATCH This Month

Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Cnssoft Screeneditor
NVD
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-1010189 MEDIUM This Month

mgetty prior to version 1.2.1 is affected by: Infinite Loop. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mgetty
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-1010190 MEDIUM This Month

mgetty prior to 1.2.1 is affected by: out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Mgetty
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-10968 MEDIUM This Month

Philips Holter 2010 Plus, all versions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zymed Holter 2010
NVD
CVSS 3.1
4.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy