Skip to main content
CVE-2019-10892 CRITICAL POC Act Now

An issue was discovered in D-Link DIR-806 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow D-Link Memory Corruption Dir 806 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-10891 CRITICAL POC THREAT Act Now

An issue was discovered in D-Link DIR-806 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dir 806 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
19.4%
CVE-2019-15102 CRITICAL POC Act Now

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Sahi Pro
NVD
CVSS 3.0
9.8
EPSS
3.9%
CVE-2019-16059 HIGH POC This Week

Sentrifugo 3.2 lacks CSRF protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE CSRF Sentrifugo
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2019-9461 MEDIUM POC This Month

In the Android kernel in VPN routing there is a possible information disclosure. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2019-15128 MEDIUM POC This Month

iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to create a user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF If Svnadmin
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2019-14223 MEDIUM POC This Month

An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Alfresco
NVD GitHub
CVSS 3.1
6.1
EPSS
4.5%
CVE-2019-9855 CRITICAL Act Now

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Python Information Disclosure Libreoffice Leap
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2019-16060 CRITICAL PATCH Act Now

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Airbrake Ruby
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-11926 CRITICAL PATCH Act Now

Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input.30.9, all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Hhvm
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-11925 CRITICAL PATCH Act Now

Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input.30.9, all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Hhvm
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%
CVE-2019-13656 CRITICAL Act Now

An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Ca Client Automation Ca Workload Automation Ae
NVD
CVSS 3.1
9.8
EPSS
5.8%
CVE-2019-14813 CRITICAL PATCH Act Now

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Ghostscript Openshift Container Platform Enterprise Linux Enterprise Linux Desktop +8
NVD
CVSS 3.1
9.8
EPSS
11.4%
CVE-2019-15846 CRITICAL Act Now

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Exim Debian Linux
NVD
CVSS 3.0
9.8
EPSS
35.7%
CVE-2019-16088 MEDIUM POC This Month

Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-13953 HIGH This Week

An exploitable authentication bypass vulnerability exists in the Bluetooth Low Energy (BLE) authentication module of YI M1 Mirrorless Camera V3.2-cn. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Yi M1 Mirrorless Camera Firmware
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2019-13517 HIGH This Week

In Pyxis ES Versions 1.3.4 through to 1.6.1 and Pyxis Enterprise Server, with Windows Server Versions 4.4 through 4.12, a vulnerability has been identified where existing access privileges are not. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Microsoft Information Disclosure Pyxis Enterprise Server Pyxis Es
NVD
CVSS 3.0
8.8
EPSS
1.3%
CVE-2019-9345 HIGH This Week

In the Android kernel in sdcardfs there is a possible violation of the separation of data between profiles due to shared mapping of obb files. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-9270 HIGH This Week

In the Android kernel in unifi and r8180 WiFi drivers there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Ubiquiti Memory Corruption Google +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2182 HIGH This Week

In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-9854 HIGH This Week

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Python Libreoffice Ubuntu Linux Debian Linux +3
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2019-16058 HIGH PATCH This Week

An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Opensc
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2019-16056 HIGH PATCH This Week

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Fedora Debian Linux Ubuntu Linux +6
NVD GitHub
CVSS 3.1
7.5
EPSS
5.4%
CVE-2019-15890 HIGH PATCH This Week

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Libslirp Qemu
NVD
CVSS 3.1
7.5
EPSS
4.0%
CVE-2019-9458 HIGH PATCH This Week

In the Android kernel in the video driver there is a use after free due to a race condition. Rated high severity (CVSS 7.0).

Race Condition Denial Of Service Privilege Escalation Google Android +1
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2019-9456 MEDIUM PATCH This Month

In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow Privilege Escalation Memory Corruption Android +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9454 MEDIUM PATCH This Month

In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9451 MEDIUM This Month

In the Android kernel in the touchscreen driver there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9448 MEDIUM This Month

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
6.7
EPSS
0.2%
CVE-2019-9447 MEDIUM This Month

In the Android kernel in the FingerTipS touchscreen driver there is a possible use-after-free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Use After Free Privilege Escalation Memory Corruption Android
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2019-9446 MEDIUM This Month

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.0
6.7
EPSS
0.2%
CVE-2019-9443 MEDIUM This Month

In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9442 MEDIUM This Month

In the Android kernel in the mnh driver there is possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Google +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2019-9441 MEDIUM This Month

In the Android kernel in the mnh driver there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.0
6.7
EPSS
0.2%
CVE-2019-9436 MEDIUM This Month

In the Android kernel in the bootloader there is a possible secure boot bypass. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9426 MEDIUM This Month

In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9276 MEDIUM This Month

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Buffer Overflow Memory Corruption Google +2
NVD
CVSS 3.0
6.7
EPSS
0.2%
CVE-2019-9275 MEDIUM This Month

In the Android kernel in the mnh driver there is a use after free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-9274 MEDIUM This Month

In the Android kernel in the mnh driver there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9273 MEDIUM This Month

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible use after free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2019-9248 MEDIUM This Month

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-9450 MEDIUM PATCH This Month

In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4).

Race Condition Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-9271 MEDIUM This Month

In the Android kernel in the mnh driver there is a race condition due to insufficient locking. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Google Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2019-9453 MEDIUM PATCH This Month

In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Google Buffer Overflow Information Disclosure Android Ubuntu Linux
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-9452 MEDIUM PATCH This Month

In the Android kernel in SEC_TS touch driver there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-9449 MEDIUM This Month

In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2019-9445 MEDIUM This Month

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android Debian Linux +1
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-9444 MEDIUM This Month

In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.0
4.4
EPSS
0.2%
CVE-2019-9245 MEDIUM This Month

In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-16089 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.2.13. Rated medium severity (CVSS 4.1). This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD
CVSS 3.1
4.1
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy