Skip to main content
CVE-2019-19012 CRITICAL POC THREAT Act Now

An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Oniguruma Debian Linux Fedora +1
NVD GitHub
CVSS 3.1
9.8
EPSS
10.5%
CVE-2019-19022 HIGH POC This Week

iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Iterm2
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2019-19011 HIGH POC This Week

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ngiflib
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2019-19041 HIGH POC This Week

An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD GitHub
CVSS 3.1
7.2
EPSS
2.0%
CVE-2019-19040 MEDIUM POC PATCH This Month

{"value":"<script>' substring. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Kairosdb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-19035 MEDIUM POC This Month

jhead 3.03 is affected by: heap-based buffer over-read. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Information Disclosure Jhead
NVD
CVSS 3.1
5.5
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy