Skip to main content
CVE-2019-5030 HIGH POC This Week

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Microsoft RCE Rainbow Pdf Office Server Document Converter
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2019-5150 HIGH POC This Week

An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

SQLi Denial Of Service RCE Youphptube
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2019-5043 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Nest Cam Iq Indoor Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-5010 HIGH POC THREAT This Week

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Python Leap Debian Linux +4
NVD
CVSS 3.1
7.5
EPSS
21.4%
CVE-2019-18423 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-18422 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-3421 HIGH This Week

The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Zte Command Injection Zx297520V3 Firmware
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2019-16675 HIGH This Week

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Information Disclosure Config +2
NVD
CVSS 3.1
7.8
EPSS
3.3%
CVE-2019-12612 HIGH This Week

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Box Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18230 HIGH This Week

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honeywell H4D8Pr1 Firmware Hfd5Pr1 Firmware Hpw2P1 Firmware +45
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18228 HIGH This Week

Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Denial Of Service H2W2Pc1M Firmware H2W2Per3 Firmware H2W4Per3 Firmware +22
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-18227 HIGH This Week

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Information Disclosure Wise Paas Rmm
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2019-16906 HIGH This Week

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Atlassian In App Desktop Notifications
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2019-18421 HIGH PATCH This Week

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Race Condition Privilege Escalation Xen Debian Linux Fedora +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-18368 HIGH This Week

In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Toolbox
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2019-18396 HIGH POC THREAT This Week

An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Td5130V2 Firmware
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
16.2%
CVE-2019-15710 HIGH This Week

An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Fortiextender Firmware
NVD
CVSS 3.1
7.2
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy