Skip to main content
CVE-2019-17530 HIGH POC This Week

An issue was discovered in Bento4 1.5.1.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Bento4
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-17529 HIGH POC This Week

An issue was discovered in Bento4 1.5.1.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Bento4
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-17532 HIGH POC This Week

An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Denial Of Service Wemo Switch 28B Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2019-17528 HIGH POC This Week

An issue was discovered in Bento4 1.5.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-17502 HIGH POC This Week

Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Hydra
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-17514 HIGH POC This Week

library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
4.7%
CVE-2019-17521 MEDIUM POC This Month

An issue was discovered in Landing-CMS 0.0.6. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Landing Cms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2019-17531 CRITICAL PATCH Act Now

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache Deserialization Jackson Databind Debian Linux Jboss Enterprise Application Platform +19
NVD GitHub
CVSS 3.1
9.8
EPSS
5.3%
CVE-2019-17522 MEDIUM POC This Month

A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the admin_index.php?page=settings SITE NAME field (aka SITE_NAME), a related issue to CVE-2011-4709.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Hotarucms
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy