Skip to main content
CVE-2019-15872 CRITICAL POC Act Now

The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi WordPress Loginpress
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2019-10197 CRITICAL Act Now

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Samba Ubuntu Linux Debian Linux
NVD
CVSS 3.0
9.1
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy