Skip to main content
CVE-2019-5151 CRITICAL POC Act Now

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Denial Of Service RCE Youphptube
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2019-5049 CRITICAL Act Now

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow VMware Amd Memory Corruption Radeon Rx 550 Firmware +2
NVD
CVSS 3.1
10.0
EPSS
2.0%
CVE-2019-18226 CRITICAL Act Now

Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure H2W2Pc1M Firmware H2W2Per3 Firmware H2W4Per3 Firmware +61
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-13551 CRITICAL Act Now

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Wise Paas Rmm
NVD
CVSS 3.1
9.8
EPSS
4.9%
CVE-2019-13547 CRITICAL Act Now

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wise Paas Rmm
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2019-13508 CRITICAL Act Now

FreeTDS through 1.1.11 has a Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Freetds Ubuntu Linux
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2019-18465 CRITICAL Act Now

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow an attacker to sign in without full credentials via the SSH (SFTP) interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Moveit Transfer
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2019-18464 CRITICAL PATCH Act Now

In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3), 11.0 before 11.0.4 (2019.0.4), and 11.1 before 11.1.3 (2019.1.3), multiple SQL Injection vulnerabilities have been found in the REST API that. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass SQLi Microsoft Moveit Transfer
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-18364 CRITICAL Act Now

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java RCE Deserialization Teamcity
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2019-18425 CRITICAL PATCH Act Now

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Xen Debian Linux Fedora Leap
NVD
CVSS 3.1
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy