Skip to main content
CVE-2019-15799 HIGH POC This Week

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Zyxel Gs1900 8 Firmware Gs1900 8Hp Firmware Gs1900 10Hp Firmware +6
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2019-18895 HIGH POC This Week

Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Scanguard Antivirus
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-18980 HIGH POC This Week

On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Taolight Smart Wi Fi Wiz Connected Led Bulb 9290022656 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2019-15804 HIGH POC This Week

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Zyxel Gs1900 8 Firmware Gs1900 8Hp Firmware Gs1900 10Hp Firmware +6
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2019-15801 HIGH POC This Week

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Zyxel Gs1900 8 Firmware Gs1900 8Hp Firmware Gs1900 10Hp Firmware +6
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-0140 HIGH PATCH This Week

Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controllers before version 7.0 may allow an unauthenticated user to potentially enable an escalation of privilege via an adjacent access. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware +5
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2019-11152 HIGH This Week

Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +14
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2019-3661 HIGH This Week

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Advanced Threat Defense
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2019-0142 HIGH PATCH This Week

Insufficient access control in ilp60x64.sys driver for Intel(R) Ethernet 700 Series Controllers before version 1.33.0.0 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware Ethernet Controller Xxv710 Am2 Firmware +4
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2019-11137 HIGH This Week

Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Intel Information Disclosure Xeon Platinum 8253 Firmware +283
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2019-16110 HIGH This Week

The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Shadow
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2019-15389 HIGH This Week

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Haier A6 Firmware
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2019-15388 HIGH This Week

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Code Injection Google RCE Mega 5 Firmware
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2019-15344 HIGH This Week

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google RCE Camon Iclick Firmware
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2019-11178 HIGH This Week

Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Intel Information Disclosure Baseboard Management Controller Firmware
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2019-11931 HIGH This Week

A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Stack Overflow Apple Whatsapp +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-11111 HIGH This Week

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Privilege Escalation Denial Of Service Intel Graphics Driver +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-0124 HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0123 HIGH This Week

Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Core I7 6970Hq Firmware Core I7 6920Hq Firmware Core I7 6870Hq Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-11112 HIGH This Week

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Intel Memory Corruption Graphics Driver +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0155 HIGH This Week

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Intel Enterprise Linux Server Aus Enterprise Linux Server Eus +352
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-0145 HIGH PATCH This Week

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Privilege Escalation Buffer Overflow Intel Ethernet Controller X710 Tm4 Firmware Ethernet Controller X710 At2 Firmware +6
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15465 HIGH This Week

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Pro Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15464 HIGH This Week

The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Pro Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15463 HIGH This Week

The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Prime Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15462 HIGH This Week

The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Duo Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15461 HIGH This Week

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Neo Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15460 HIGH This Week

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Neo Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15459 HIGH This Week

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Neo Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15458 HIGH This Week

The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXXS6BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Neo Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15457 HIGH This Week

The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J6 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15456 HIGH This Week

The Samsung J6 Android device with a build fingerprint of samsung/j6ltexx/j6lte:8.0.0/R16NW/J600FNXXU3ASC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J6 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15455 HIGH This Week

The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J5 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15454 HIGH This Week

The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J4 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15453 HIGH This Week

The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J4 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15452 HIGH This Week

The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J3 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15451 HIGH This Week

The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J3 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15450 HIGH This Week

The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J3 Pop Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15449 HIGH This Week

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Edge Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15448 HIGH This Week

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Edge Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15447 HIGH This Week

The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Edge Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15446 HIGH This Week

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXU3ESAC:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15445 HIGH This Week

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15444 HIGH This Week

The Samsung S7 Android device with a build fingerprint of samsung/heroltexx/herolte:8.0.0/R16NW/G930FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy S7 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15443 HIGH This Week

The Samsung J7 Max Android device with a build fingerprint of samsung/j7maxlteins/j7maxlte:8.1.0/M1AJQ/G615FXXU2BSB1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J7 Max Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15442 HIGH This Week

The Samsung on7xelteskt Android device with a build fingerprint of samsung/on7xelteskt/on7xelteskt:8.1.0/M1AJQ/G610SKSU2CSB1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung On 7 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15441 HIGH This Week

The Samsung on7xeltelgt Android device with a build fingerprint of samsung/on7xeltelgt/on7xeltelgt:8.1.0/M1AJQ/G610LKLU2CSB1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung On 7 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15440 HIGH This Week

The Samsung J5 Android device with a build fingerprint of samsung/on5xeltedx/on5xelte:8.0.0/R16NW/G570YDXU2CRL1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy J5 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15439 HIGH This Week

The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy Xcover4 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-15438 HIGH This Week

The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Samsung Galaxy Xcover4 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.3%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy