Skip to main content
CVE-2019-6007 HIGH This Week

Integer overflow vulnerability in apng-drawable 1.0.0 to 1.6.0 allows an attacker to cause a denial of service (DoS) condition or execute arbitrary code via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Integer Overflow RCE Apng Drawable
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2019-5996 HIGH This Week

SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Video Insight Vms
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2019-5993 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows remote attackers to hijack the authentication of administrators via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Category Specific Rss Feed Subscription
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-5992 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Wordpress Ultra Simple Paypal Shopping Cart
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-5986 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router/Home GateWay (Hikari Denwa router/Home GateWay provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pr S300Ne Firmware Rt S300Ne Firmware Rv S340Ne Firmware Pr S300Hi Firmware +20
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-10392 HIGH PATCH This Week

Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Command Injection Git Client
NVD
CVSS 3.1
8.8
EPSS
25.8%
CVE-2019-8076 HIGH This Week

Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Application Manager
NVD
CVSS 3.1
7.8
EPSS
4.1%
CVE-2019-11773 HIGH This Week

Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Omr
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-5991 HIGH This Week

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Garoon
NVD
CVSS 3.1
7.6
EPSS
1.2%
CVE-2019-11899 HIGH This Week

An unauthenticated attacker can achieve unauthorized access to sensitive data by exploiting Windows SMB protocol on a client installation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Information Disclosure Access
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-11774 HIGH PATCH This Week

Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Omr
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2019-13534 HIGH This Week

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Intellivue Mp Monitors Mp20 Mp90 Firmware Intellivue Mp Monitors Mp5 5Sc Firmware Intellivue Mp Monitors Mp2 X2 Firmware Intellivue Mp Monitors Mx800 700 600 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2019-13530 HIGH This Week

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part #: M8096-67501, WLAN Version B, Firmware A.01.09, Part #: N/A (Replaced by. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Intellivue Mp Monitors Mp20 Mp90 Firmware Intellivue Mp Monitors Mp5 5Sc Firmware Intellivue Mp Monitors Mp2 X2 Firmware Intellivue Mp Monitors Mx800 700 600 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy