Skip to main content
CVE-2019-15752 HIGH POC KEV THREAT Act Now

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Docker Information Disclosure Geode
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
29.6%
CVE-2019-15496 HIGH POC This Week

MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE CSRF Myt Project Management
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2019-13348 HIGH POC This Week

In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Knowage
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2019-15720 HIGH POC This Week

CloudBerry Backup v6.1.2.34 allows local privilege escalation via a Pre or Post backup action. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Backup
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2019-10056 HIGH POC This Week

An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Suricata Buffer Overflow Memory Corruption
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-10055 HIGH POC This Week

An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Suricata
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-10054 HIGH POC This Week

An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Suricata
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2019-10052 HIGH POC This Week

An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Suricata
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2019-10051 HIGH POC This Week

An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Suricata
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2019-10390 HIGH PATCH This Week

A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earlier allowed attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Splunk Jenkins RCE
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2019-10384 HIGH PATCH This Week

Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Jenkins CSRF Communications Cloud Native Core Automated Test Suite Openshift Container Platform
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-1965 HIGH This Week

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.1
7.7
EPSS
1.5%
CVE-2019-9931 HIGH This Week

Various Lexmark printers contain a denial of service vulnerability in the SNMP service that can be exploited to crash the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cs31X Firmware Cs41X Firmware Cx310 Firmware Ms310 Firmware +67
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2019-1964 HIGH This Week

A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the netstack process on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2019-1962 HIGH This Week

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy