Skip to main content
CVE-2019-14491 HIGH POC PATCH This Week

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Opencv
NVD GitHub
CVSS 3.0
8.2
EPSS
2.6%
CVE-2019-14260 HIGH POC This Week

On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone with firmware 1.50.13, a command injection (missing input validation) issue in the password change field for the Change. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection 8008 Firmware
NVD
CVSS 3.0
8.0
EPSS
2.8%
CVE-2019-14259 HIGH POC This Week

On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Obihai Obi1022 Firmware
NVD
CVSS 3.0
8.0
EPSS
2.8%
CVE-2019-14497 HIGH POC This Week

ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTracker 1.02.00 has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-14496 HIGH POC This Week

LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Milkytracker Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-14486 HIGH POC This Week

GnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c via crafted COBOL source code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Gnucobol
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-14468 HIGH POC This Week

GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Gnucobol
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2019-14332 HIGH POC This Week

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link 6600 Ap Firmware Dwl 3600Ap Firmware
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2019-14513 HIGH POC This Week

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Dnsmasq Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-14494 HIGH POC PATCH This Week

An issue was discovered in Poppler through 0.78.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Poppler Ubuntu Linux Fedora Debian Linux +1
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-14493 HIGH POC PATCH This Week

An issue was discovered in OpenCV before 4.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Opencv Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
3.4%
CVE-2019-14492 HIGH POC PATCH This Week

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Opencv Leap
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2019-0193 HIGH POC KEV PATCH THREAT This Week

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Java Apache RCE Solr +1
NVD
CVSS 3.1
7.2
EPSS
83.5%
CVE-2019-9140 HIGH This Week

When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check Deeplink URL correctly. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Information Disclosure RCE Happypoint
NVD
CVSS 3.1
8.1
EPSS
1.2%
CVE-2019-3890 HIGH This Week

It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Evolution Ews Enterprise Linux
NVD
CVSS 3.0
8.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy