Skip to main content
CVE-2019-14923 HIGH POC This Week

EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Eyesofnetwork
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
4.3%
CVE-2019-15105 HIGH POC This Week

An issue was discovered in Zoho ManageEngine Application Manager through 14.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zoho Manageengine Applications Manager
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
7.8%
CVE-2019-15104 HIGH POC This Week

An issue was discovered in Zoho ManageEngine OpManager through 12.4x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zoho Manageengine Applications Manager
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
7.8%
CVE-2019-15084 HIGH POC This Week

Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Dell Waves Maxx Audio
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.9%
CVE-2019-15115 HIGH This Week

The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Loginwp
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-15114 HIGH This Week

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Formcraft
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-15113 HIGH This Week

The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Companion Sitemap Generator
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2019-15117 HIGH PATCH This Week

parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Linux Linux Kernel
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2019-8063 HIGH PATCH This Week

Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Creative Cloud
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-7957 HIGH PATCH This Week

Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Creative Cloud
NVD
CVSS 3.0
7.5
EPSS
3.7%
CVE-2019-15099 HIGH This Week

drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy