Skip to main content
CVE-2019-17042 CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Cisco Rsyslog Fedora Debian Linux +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
CVE-2019-17041 CRITICAL PATCH Act Now

An issue was discovered in Rsyslog v8.1908.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Rsyslog Debian Linux Fedora +1
NVD GitHub
CVSS 3.1
9.8
EPSS
4.6%
CVE-2019-12812 CRITICAL Act Now

MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbitrary command via specifically crafted configuration file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Mybuilder
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2019-12811 CRITICAL Act Now

ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Mybuilder
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2019-15751 CRITICAL Act Now

An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload RCE Sitos Six
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-15748 CRITICAL Act Now

SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Sitos Six
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-15746 CRITICAL Act Now

SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Command Injection Sitos Six
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-17269 CRITICAL Act Now

Intellian Remote Access 3.18 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the Ping Test field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Remote Access
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2019-17267 CRITICAL PATCH Act Now

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Jackson Databind Active Iq Unified Manager Oncommand Api Services Oncommand Workflow Automation +8
NVD GitHub
CVSS 3.1
9.8
EPSS
4.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy