Skip to main content
CVE-2019-13582 CRITICAL Act Now

An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Memory Corruption 88W8688 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2019-13581 CRITICAL Act Now

An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Memory Corruption 88W8688 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2019-14345 CRITICAL PATCH Act Now

TemaTres 3.0 allows remote unprivileged users to create an administrator account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tematres
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2019-18985 CRITICAL PATCH Act Now

Pimcore before 6.2.2 lacks brute force protection for the 2FA token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pimcore
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-18981 CRITICAL PATCH Act Now

Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Pimcore
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2019-18928 CRITICAL PATCH Act Now

Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Imap Fedora Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy