Skip to main content
CVE-2019-13496 HIGH POC This Week

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Cloud Access Manager
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2019-18178 HIGH POC This Week

Real Time Engineers FreeRTOS+FAT 160919a has a use after free. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free Memory Corruption Freertos Fat
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2019-18680 HIGH POC PATCH This Week

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.5
EPSS
3.6%
CVE-2019-18684 HIGH POC This Week

Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Privilege Escalation Sudo
NVD GitHub
CVSS 3.1
7.0
EPSS
0.3%
CVE-2019-18683 HIGH POC PATCH This Week

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. Rated high severity (CVSS 7.0). Public exploit code available.

Race Condition Linux Privilege Escalation Linux Kernel Ubuntu Linux +16
NVD
CVSS 3.1
7.0
EPSS
1.0%
CVE-2019-17210 HIGH This Week

A denial-of-service issue was discovered in the MQTT library in Arm Mbed OS 2017-11-02. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mbed Mqtt Mbed Os
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2019-0350 HIGH This Week

SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Hana Database
NVD
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy