Skip to main content
CVE-2019-13455 CRITICAL POC Act Now

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of   expansion in acknowledge.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.0%
CVE-2019-13486 CRITICAL Act Now

In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of   expansion in svcstatus.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2019-13485 CRITICAL Act Now

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2019-13484 CRITICAL Act Now

In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of   expansion in appfeed.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2019-13452 CRITICAL Act Now

In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2019-13451 CRITICAL Act Now

In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2019-13273 CRITICAL Act Now

In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Xymon Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-14314 CRITICAL Act Now

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi WordPress PHP Nextgen Gallery
NVD
CVSS 3.0
9.8
EPSS
43.4%
CVE-2019-15659 CRITICAL Act Now

The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE-2018-10969. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi WordPress Pie Register
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2019-15646 CRITICAL Act Now

The rsvpmaker plugin before 6.2 for WordPress has SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi WordPress Rsvpmaker
NVD
CVSS 3.0
9.8
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy