Skip to main content
CVE-2019-17266 CRITICAL POC Act Now

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libsoup Ubuntu Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-17240 CRITICAL POC THREAT Act Now

bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Bludit
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
39.6%
CVE-2019-17216 CRITICAL Act Now

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Combi Stream Mslq Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-17215 CRITICAL Act Now

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Combi Stream Mslq Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2019-17218 CRITICAL Act Now

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Combi Stream Mslq Firmware
NVD VulDB
CVSS 3.1
9.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy