Skip to main content
CVE-2019-15552 CRITICAL PATCH Act Now

An issue was discovered in the libflate crate before 0.1.25 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Libflate
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-15551 CRITICAL PATCH Act Now

An issue was discovered in the smallvec crate before 0.6.10 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Smallvec
NVD GitHub
CVSS 3.0
9.8
EPSS
1.9%
CVE-2019-14307 CRITICAL Act Now

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for SNMP, which allow an attacker to cause a denial of service or code execution via crafted requests to the web. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Sp C250Sf Firmware Sp C252Sf Firmware +2
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-14305 CRITICAL Act Now

Several Ricoh printers have multiple buffer overflows parsing HTTP parameter settings for Wi-Fi, mDNS, POP3, SMTP, and notification alerts, which allow an attacker to cause a denial of service or. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Sp C250Sf Firmware Sp C252Sf Firmware +2
NVD
CVSS 3.0
9.8
EPSS
3.0%
CVE-2019-14300 CRITICAL Act Now

Several Ricoh printers have multiple buffer overflows parsing HTTP cookie headers, which allow an attacker to cause a denial of service or code execution via crafted requests to the web server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Sp C250Sf Firmware Sp C252Sf Firmware +2
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2019-14308 CRITICAL Act Now

Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Sp C250Sf Firmware Sp C252Sf Firmware +2
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2019-15562 CRITICAL Act Now

GORM before 1.9.10 allows SQL injection via incomplete parentheses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gorm
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-15561 CRITICAL PATCH Act Now

FlashLingo before 2019-06-12 allows SQL injection, related to flashlingo.js and db.js. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Flashlingo
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-15556 CRITICAL Act Now

Pvanloon1983 social_network before 2019-07-03 allows SQL injection in includes/form_handlers/register_handler.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Social Network
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-15524 CRITICAL Act Now

CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php file to admin/filemanager in the File Management Module, which leads to remote code execution by visiting a photo/upload/2019/. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload RCE Csz Cms
NVD
CVSS 3.0
9.8
EPSS
3.1%
CVE-2019-15521 CRITICAL PATCH Act Now

Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

PHP Deserialization Spoon Library Fork Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-15534 CRITICAL PATCH Act Now

Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.update. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Raml Module Builder
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-4169 CRITICAL Act Now

IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC password even after BMC password was changed away from the default password. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Open Power
NVD
CVSS 3.1
9.1
EPSS
1.7%
CVE-2019-15304 CRITICAL Act Now

Lierda Grill Temperature Monitor V1.00_50006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Wifi Grilling Thermometer Firmware
NVD
CVSS 3.0
9.1
EPSS
3.4%
CVE-2019-7996 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.1%
CVE-2019-7995 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.1%
CVE-2019-7994 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
6.4%
CVE-2019-7991 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2019-7989 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
14.2%
CVE-2019-7988 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7986 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7985 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
8.3%
CVE-2019-7984 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7983 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7982 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7980 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7979 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7978 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
8.3%
CVE-2019-7976 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
6.4%
CVE-2019-4513 HIGH This Week

IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE IBM Security Access Manager For Enterprise Single Sign On
NVD
CVSS 3.1
8.2
EPSS
2.8%
CVE-2019-12532 HIGH This Week

Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure H2Oelv H2Offt H2Ooae +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-4448 HIGH PATCH This Week

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation IBM RCE Db2 High Performance Unload Load
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-4447 HIGH PATCH This Week

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service IBM Db2 High Performance Unload Load
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15547 HIGH This Week

An issue was discovered in the ncurses crate through 5.99.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ncurses
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-15546 HIGH This Week

An issue was discovered in the pancurses crate through 0.16.1 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pancurses
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2019-15545 HIGH PATCH This Week

An issue was discovered in the libp2p-core crate before 0.8.1 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Libp2P
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2019-15544 HIGH PATCH This Week

An issue was discovered in the protobuf crate before 2.6.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rust Protobuf Hbase
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2019-15542 HIGH PATCH This Week

An issue was discovered in the ammonia crate before 2.1.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ammonia
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-15640 HIGH PATCH This Week

Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Limesurvey
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-15549 HIGH PATCH This Week

An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Asn1 Der
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-15553 HIGH PATCH This Week

An issue was discovered in the memoffset crate before 0.5.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memoffset
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-15550 HIGH PATCH This Week

An issue was discovered in the simd-json crate before 0.1.15 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Simdjson
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-15506 HIGH This Week

An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Virtual System Administrator
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-15658 HIGH PATCH This Week

connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Connect Pg Simple
NVD GitHub
CVSS 3.0
7.3
EPSS
1.0%
CVE-2019-8000 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7999 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.8%
CVE-2019-7987 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7981 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-7977 MEDIUM This Month

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
6.5
EPSS
3.3%
CVE-2019-15515 MEDIUM PATCH This Month

Discourse 2.3.2 sends the CSRF token in the query string. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Discourse
NVD GitHub
CVSS 3.0
6.5
EPSS
0.6%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy