Skip to main content
CVE-2019-5485 CRITICAL POC THREAT MAL Act Now

NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js Command Injection Gitlabhook
NVD Exploit-DB
CVSS 3.1
10.0
EPSS
59.8%
CVE-2019-13364 CRITICAL POC Act Now

admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP Piwigo
NVD GitHub
CVSS 3.1
9.6
EPSS
1.4%
CVE-2019-13363 CRITICAL POC Act Now

admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content,. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS PHP Piwigo
NVD GitHub
CVSS 3.1
9.6
EPSS
1.4%
CVE-2019-13918 CRITICAL PATCH Act Now

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Sinema Remote Connect Server
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-13548 CRITICAL PATCH Act Now

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Stack Overflow RCE Control For Beaglebone Control For Empc A Imx6 +11
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2019-13923 CRITICAL Act Now

A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ie Wsn Pa Link Wirelesshart Gateway Firmware
NVD
CVSS 3.1
9.6
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy