Skip to main content
CVE-2019-11932 HIGH POC PATCH THREAT This Week

A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Denial Of Service RCE Whatsapp Android Gif Drawable
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
44.3%
CVE-2019-15766 HIGH POC This Week

The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Google File Upload RCE PHP Ksweb
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2019-16328 HIGH POC PATCH THREAT This Week

In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Rpyc
NVD GitHub
CVSS 3.1
7.5
EPSS
13.0%
CVE-2019-4422 HIGH PATCH This Week

IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege escalation which could allow an authenticated user to change the accessmgr password. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation IBM Security Guardium
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2019-13332 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13331 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Reader
NVD
CVSS 3.1
7.8
EPSS
5.5%
CVE-2019-13330 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
5.5%
CVE-2019-13329 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13328 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13327 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13326 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free RCE Memory Corruption Reader
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13325 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Foxit Studio Photo
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13324 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Foxit Studio Photo
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-13323 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Foxit Studio Photo
NVD
CVSS 3.1
7.8
EPSS
3.9%
CVE-2019-16866 HIGH PATCH This Week

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Unbound Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
3.5%
CVE-2019-15163 HIGH PATCH This Week

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
CVSS 3.1
7.5
EPSS
4.4%
CVE-2019-15166 HIGH PATCH This Week

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Tcpdump Mac Os X Debian Linux Fedora +6
NVD GitHub
CVSS 3.1
7.5
EPSS
5.0%
CVE-2019-3834 HIGH This Week

It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON). Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Jboss Operations Network
NVD
CVSS 3.1
7.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy