Skip to main content
CVE-2019-16928 CRITICAL POC KEV PATCH THREAT Act Now

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Memory Corruption Exim Ubuntu Linux +2
NVD
CVSS 3.1
9.8
EPSS
41.6%
CVE-2019-16920 CRITICAL POC KEV THREAT Act Now

Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link RCE Command Injection Dir 655 Firmware Dir 866L Firmware +8
NVD
CVSS 3.1
9.8
EPSS
100.0%
CVE-2019-16924 HIGH POC This Week

The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nulock
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-13376 MEDIUM POC PATCH This Month

phpBB version 3.2.7 allows the stealing of an Administration Control Panel session id by leveraging CSRF in the Remote Avatar feature. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS CSRF Phpbb
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2019-11738 MEDIUM POC This Month

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mozilla Firefox Firefox Esr Leap
NVD
CVSS 3.1
6.3
EPSS
1.4%
CVE-2019-16923 MEDIUM POC This Month

kkcms 1.3 has jx.php?url= XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kkcms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-3766 CRITICAL Act Now

Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Elastic Cloud Storage
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-9459 CRITICAL Act Now

In libttspico, there is a possible OOB write due to a heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-9365 CRITICAL Act Now

In Bluetooth, there is a possible deserialization error due to missing string validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google RCE Deserialization Android
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2019-9301 CRITICAL Act Now

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2019-11734 CRITICAL Act Now

Mozilla developers and community members reported memory safety bugs present in Firefox 68. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla RCE Memory Corruption Firefox
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2019-11733 CRITICAL Act Now

When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla Firefox
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-8074 CRITICAL Act Now

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Coldfusion
NVD
CVSS 3.1
9.8
EPSS
18.9%
CVE-2019-8073 CRITICAL Act Now

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Coldfusion
NVD
CVSS 3.1
9.8
EPSS
8.3%
CVE-2019-16927 MEDIUM POC This Month

Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc, a different vulnerability than CVE-2019-9877. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Xpdf
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2019-16688 MEDIUM POC This Month

Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_templates.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dolibarr Erp Crm
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-16687 MEDIUM POC This Month

Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section to card.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Privilege Escalation PHP Dolibarr Erp Crm
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-16686 MEDIUM POC This Month

Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dolibarr Erp Crm
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-16685 MEDIUM POC This Month

Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Description section to card.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Privilege Escalation PHP Dolibarr Erp Crm
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-3746 HIGH This Week

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do not limit the number of authentication attempts to the ACM API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Integrated Data Protection Appliance Firmware
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-9405 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9382 HIGH This Week

In libeffects, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9363 HIGH This Week

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9357 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9346 HIGH This Week

In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9310 HIGH This Week

In libFDK, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9308 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9307 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9306 HIGH This Week

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9305 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9304 HIGH This Week

In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9303 HIGH This Week

In libFDK, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9302 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9300 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9299 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9298 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9297 HIGH This Week

In libAACdec, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9291 HIGH This Week

In Bluetooth, there is a possible remote code execution due to an improper memory allocation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Denial Of Service RCE Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-9278 HIGH PATCH This Week

In libexif, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Integer Overflow Privilege Escalation Buffer Overflow Android +4
NVD GitHub
CVSS 3.1
8.8
EPSS
4.1%
CVE-2019-9262 HIGH This Week

In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-9256 HIGH This Week

In libmediaextractor there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Integer Overflow RCE Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2019-2159 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2141 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2087 HIGH This Week

In libxaac, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2086 HIGH This Week

In libxaac, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2085 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2084 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2083 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2082 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-2081 HIGH This Week

In libxaac there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Memory Corruption Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
Page 1 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy