Skip to main content
CVE-2019-15107 CRITICAL POC KEV THREAT Emergency

An issue was discovered in Webmin <=1.920. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Webmin
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
99.8%
CVE-2019-15106 CRITICAL POC THREAT Act Now

An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Zoho Manageengine Opmanager
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
25.5%
CVE-2019-7964 CRITICAL Act Now

Adobe Experience Manager versions 6.5, and 6.4 have an authentication bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Adobe Experience Manager
NVD
CVSS 3.0
9.8
EPSS
10.2%
CVE-2019-7959 CRITICAL PATCH Act Now

Creative Cloud Desktop Application versions 4.6.1 and earlier have a using components with known vulnerabilities vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Creative Cloud
NVD
CVSS 3.0
9.8
EPSS
6.5%
CVE-2019-7958 CRITICAL PATCH Act Now

Creative Cloud Desktop Application versions 4.6.1 and earlier have an insecure inherited permissions vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Creative Cloud
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2019-5477 CRITICAL PATCH Act Now

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Nokogiri Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
5.9%
CVE-2019-15091 CRITICAL Act Now

filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&sec2=operation/wiki/wiki&action=upload arbitrary file upload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Integria Ims
NVD
CVSS 3.0
9.8
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy