Skip to main content
CVE-2019-3980 CRITICAL POC Act Now

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Dameware Mini Remote Control
NVD
CVSS 3.1
9.8
EPSS
5.2%
CVE-2019-10757 CRITICAL POC PATCH Act Now

knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Knex
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2019-13336 CRITICAL POC Act Now

The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginpass parameters to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Db01 S Firmware
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2019-17134 CRITICAL PATCH Act Now

Amphora Images in OpenStack Octavia >=0.10.0 <2.1.2, >=3.0.0 <3.2.0, >=4.0.0 <4.1.0 allows anyone with access to the management network to bypass client-certificate based authentication and retrieve. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Octavia Ubuntu Linux
NVD
CVSS 3.1
9.1
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy