Skip to main content
CVE-2019-15642 HIGH POC PATCH THREAT This Week

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection RCE Webmin
NVD GitHub
CVSS 3.0
8.8
EPSS
38.0%
CVE-2019-15637 HIGH POC THREAT This Week

Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Information Disclosure Tableau Server Tableau Desktop Tableau Reader +1
NVD GitHub Exploit-DB
CVSS 3.1
8.1
EPSS
14.3%
CVE-2019-8460 HIGH POC PATCH This Week

OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Openbsd
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-15541 HIGH POC PATCH This Week

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rustls
NVD GitHub
CVSS 3.0
7.5
EPSS
2.2%
CVE-2019-7996 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.1%
CVE-2019-7995 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.1%
CVE-2019-7994 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
6.4%
CVE-2019-7991 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2019-7989 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Adobe Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
14.2%
CVE-2019-7988 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7986 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7985 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
8.3%
CVE-2019-7984 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7983 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7982 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7980 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7979 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2019-7978 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
8.3%
CVE-2019-7976 HIGH This Week

Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
6.4%
CVE-2019-4513 HIGH This Week

IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE IBM Security Access Manager For Enterprise Single Sign On
NVD
CVSS 3.1
8.2
EPSS
2.8%
CVE-2019-12532 HIGH This Week

Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure H2Oelv H2Offt H2Ooae +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-4448 HIGH PATCH This Week

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation IBM RCE Db2 High Performance Unload Load
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-4447 HIGH PATCH This Week

IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum_debug is a setuid root binary which trusts the PATH environment variable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service IBM Db2 High Performance Unload Load
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-15547 HIGH This Week

An issue was discovered in the ncurses crate through 5.99.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ncurses
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-15546 HIGH This Week

An issue was discovered in the pancurses crate through 0.16.1 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pancurses
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2019-15545 HIGH PATCH This Week

An issue was discovered in the libp2p-core crate before 0.8.1 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Libp2P
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2019-15544 HIGH PATCH This Week

An issue was discovered in the protobuf crate before 2.6.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rust Protobuf Hbase
NVD
CVSS 3.1
7.5
EPSS
3.8%
CVE-2019-15542 HIGH PATCH This Week

An issue was discovered in the ammonia crate before 2.1.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ammonia
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-15640 HIGH PATCH This Week

Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Limesurvey
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2019-15549 HIGH PATCH This Week

An issue was discovered in the asn1_der crate before 0.6.2 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Asn1 Der
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-15553 HIGH PATCH This Week

An issue was discovered in the memoffset crate before 0.5.0 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Memoffset
NVD GitHub
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-15550 HIGH PATCH This Week

An issue was discovered in the simd-json crate before 0.1.15 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Simdjson
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-15506 HIGH This Week

An issue was discovered in Kaseya Virtual System Administrator (VSA) through 9.4.0.37. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Virtual System Administrator
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2019-15658 HIGH PATCH This Week

connect-pg-simple before 6.0.1 allows SQL injection if tableName or schemaName is untrusted data. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Connect Pg Simple
NVD GitHub
CVSS 3.0
7.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy