Skip to main content
CVE-2019-10768 HIGH POC PATCH This Week

In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Angularjs
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-18934 HIGH POC PATCH This Week

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Command Injection Unbound Fedora Leap
NVD GitHub
CVSS 3.1
7.3
EPSS
3.2%
CVE-2019-12421 HIGH PATCH This Week

When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nifi
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-11289 HIGH PATCH This Week

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cf Deployment Routing Release
NVD
CVSS 3.1
8.6
EPSS
1.5%
CVE-2019-16861 HIGH This Week

Code42 server through 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2019-16860 HIGH This Week

Code42 app through version 7.0.2 for Windows has an Untrusted Search Path. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Code42
NVD
CVSS 3.1
7.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy