Skip to main content
CVE-2019-18387 CRITICAL POC Act Now

Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hotel And Lodge Management System
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-18370 CRITICAL POC THREAT Act Now

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Millet Router 3G Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
40.3%
CVE-2019-18344 CRITICAL POC Act Now

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Grading System
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-8237 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-8236 CRITICAL Act Now

Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Creative Cloud
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-18355 CRITICAL Act Now

An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Secret Server
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-11933 CRITICAL Act Now

A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Denial Of Service RCE Libpl Droidsonroids Gif +1
NVD
CVSS 3.1
9.8
EPSS
4.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy