Skip to main content
CVE-2019-13025 CRITICAL POC Act Now

Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ch7465Lg Firmware
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2019-13957 CRITICAL Act Now

In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Umbraco
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-12736 CRITICAL Act Now

JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Ktor
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2019-12630 CRITICAL Act Now

A vulnerability in the Java deserialization function used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Cisco Deserialization Security Manager
NVD
CVSS 3.1
9.8
EPSS
65.8%
CVE-2019-12157 CRITICAL Act Now

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity Upsource
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-11929 CRITICAL PATCH Act Now

Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution.30.10, all versions between 4.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow RCE Hhvm
NVD GitHub
CVSS 3.1
9.8
EPSS
4.0%
CVE-2019-10212 CRITICAL PATCH Act Now

A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Undertow Jboss Data Grid Jboss Enterprise Application Platform Jboss Fuse +3
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-13658 CRITICAL Act Now

CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Network Flow Analysis
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-14454 CRITICAL Act Now

SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Suitecrm
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-13335 CRITICAL Act Now

SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Suitecrm
NVD
CVSS 3.1
9.8
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy