Skip to main content
CVE-2019-14678 CRITICAL POC Act Now

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Denial Of Service SSRF Xml Mapper Base Sas
NVD GitHub
CVSS 3.1
10.0
EPSS
3.0%
CVE-2019-15800 CRITICAL POC Act Now

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Zyxel Gs1900 8 Firmware Gs1900 8Hp Firmware +7
NVD
CVSS 3.1
9.8
EPSS
3.9%
CVE-2019-18939 CRITICAL POC THREAT Act Now

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Hm Print Homematic Ccu2 Firmware Homematic Ccu3 Firmware
NVD
CVSS 3.1
9.8
EPSS
40.8%
CVE-2019-18938 CRITICAL POC THREAT Act Now

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn through 1.6.8.c installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the save.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Hm Email Homematic Ccu2 Firmware Homematic Ccu3 Firmware
NVD
CVSS 3.1
9.8
EPSS
33.8%
CVE-2019-18937 CRITICAL POC THREAT Act Now

eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser AddOn through 1.8 installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Scriptparser Homematic Ccu2 Firmware Homematic Ccu3 Firmware
NVD
CVSS 3.1
9.8
EPSS
33.8%
CVE-2019-15803 CRITICAL POC Act Now

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Zyxel Gs1900 8 Firmware Gs1900 8Hp Firmware Gs1900 10Hp Firmware +6
NVD
CVSS 3.1
9.1
EPSS
1.3%
CVE-2019-11171 CRITICAL Act Now

Heap corruption in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure, escalation of privilege and/or denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +2
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2019-8248 CRITICAL Act Now

Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Illustrator Cc
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2019-8247 CRITICAL Act Now

Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Illustrator Cc
NVD
CVSS 3.1
9.8
EPSS
4.0%
CVE-2019-8246 CRITICAL Act Now

Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Adobe Memory Corruption Media Encoder
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2019-11168 CRITICAL Act Now

Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy