Skip to main content
CVE-2019-17181 CRITICAL POC THREAT Emergency

A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007-06-03). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Intrasrv
NVD
CVSS 3.1
9.8
EPSS
48.7%
CVE-2019-11043 CRITICAL POC KEV THREAT Emergency

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Buffer Overflow RCE Ubuntu Linux Debian Linux +20
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
99.5%
CVE-2019-16662 CRITICAL POC THREAT Emergency

An issue was discovered in rConfig 3.9.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Rconfig
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
97.7%
CVE-2019-16897 CRITICAL POC Act Now

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation K7 Antivirus Premium K7 Total Security K7 Ultimate Security
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-14931 CRITICAL POC THREAT Act Now

An issue was discovered on Mitsubishi Electric Europe B.V. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Smartrtu Firmware Me Rtu Firmware
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
57.7%
CVE-2019-14930 CRITICAL POC Act Now

An issue was discovered on Mitsubishi Electric Europe B.V. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Smartrtu Firmware Me Rtu Firmware
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2019-14929 CRITICAL POC Act Now

An issue was discovered on Mitsubishi Electric Europe B.V. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Smartrtu Firmware Me Rtu Firmware
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-14926 CRITICAL POC Act Now

An issue was discovered on Mitsubishi Electric Europe B.V. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Smartrtu Firmware Me Rtu Firmware
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2019-18195 HIGH POC This Week

An issue was discovered on TerraMaster FS-210 4.0.19 devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure F2 210 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-16663 HIGH POC THREAT This Week

An issue was discovered in rConfig 3.9.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Rconfig
NVD GitHub
CVSS 3.1
8.8
EPSS
84.7%
CVE-2019-14927 HIGH POC THREAT This Week

An issue was discovered on Mitsubishi Electric Europe B.V. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Smartrtu Firmware Me Rtu Firmware
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
41.8%
CVE-2019-14925 MEDIUM POC This Month

An issue was discovered on Mitsubishi Electric Europe B.V. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Smartrtu Firmware Me Rtu Firmware
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-18189 CRITICAL Act Now

A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Trend Micro Apex One Officescan Worry Free Business Security
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-14450 CRITICAL Act Now

A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal RCE Repetier Server
NVD
CVSS 3.1
9.8
EPSS
10.4%
CVE-2019-18466 MEDIUM POC PATCH This Month

An issue was discovered in Podman in libpod before 1.6.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Libpod
NVD GitHub
CVSS 3.1
5.5
EPSS
1.5%
CVE-2019-14928 MEDIUM POC THREAT This Month

An issue was discovered on Mitsubishi Electric Europe B.V. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Smartrtu Firmware Me Rtu Firmware
NVD
CVSS 3.1
5.4
EPSS
44.1%
CVE-2019-17224 MEDIUM POC This Month

The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Ch7465Lg Firmware
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-3636 HIGH This Week

A File Masquerade vulnerability in McAfee Total Protection (MTP) version 16.0.R21 and earlier in Windows client allowed an attacker to read the plaintext list of AV-Scan exclusion files from the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-18188 HIGH This Week

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Trend Micro Command Injection Apex One
NVD
CVSS 3.1
7.5
EPSS
4.7%
CVE-2019-18187 HIGH KEV THREAT This Week

Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Trend Micro RCE Officescan
NVD
CVSS 3.1
7.5
EPSS
25.1%
CVE-2019-5536 MEDIUM This Month

VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Fusion Workstation ESXi
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-5538 MEDIUM This Month

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

VMware Information Disclosure Vcenter Server
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2019-5537 MEDIUM This Month

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

VMware Information Disclosure Vcenter Server
NVD
CVSS 3.1
5.9
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy