Skip to main content
CVE-2019-16119 CRITICAL POC PATCH THREAT Act Now

SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress PHP Photo Gallery
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
25.4%
CVE-2019-16102 CRITICAL Act Now

Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unity Edgeconnect Sd Wan Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-16093 CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-16092 CRITICAL PATCH Act Now

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libmysofa Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy