Skip to main content
CVE-2019-19017 HIGH POC This Week

An issue was discovered in TitanHQ WebTitan before 5.18. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Webtitan
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2019-19014 HIGH POC This Week

An issue was discovered in TitanHQ WebTitan before 5.18. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Webtitan
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-19019 HIGH POC This Week

An issue was discovered in TitanHQ WebTitan before 5.18. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Webtitan
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2019-19016 HIGH POC This Week

An issue was discovered in TitanHQ WebTitan before 5.18. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Webtitan
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-19490 HIGH POC This Week

LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Litemanager
NVD Exploit-DB
CVSS 3.1
7.3
EPSS
0.4%
CVE-2019-19020 HIGH POC This Week

An issue was discovered in TitanHQ WebTitan before 5.18. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload RCE Webtitan
NVD
CVSS 3.1
7.2
EPSS
2.3%
CVE-2012-5562 HIGH This Week

A flaw was found in rhn-proxy. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Satellite
NVD VulDB
CVSS 3.1
8.6
EPSS
0.1%
CVE-2019-15628 HIGH This Week

Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus Security 2020 Internet Security 2020 Maximum Security 2020 +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-19316 HIGH PATCH This Week

When using the Azure backend with a shared access signature (SAS), Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Hashicorp Terraform
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2019-12393 HIGH This Week

Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-12391 HIGH This Week

The Anviz Management System for access control has insufficient logging for device events such as door open requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Management System
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-12389 HIGH This Week

Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-12388 HIGH This Week

Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Anviz Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy