Skip to main content
CVE-2019-5132 HIGH POC This Week

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Imagegear
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-5112 HIGH POC This Week

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Formalms
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-5111 HIGH POC This Week

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Formalms
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2019-5110 HIGH POC This Week

Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Formalms
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2019-5109 HIGH POC This Week

Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Formalms
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2019-5083 HIGH POC This Week

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Imagegear
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2019-5076 HIGH POC This Week

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Imagegear
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2019-19383 HIGH POC This Week

freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Freeftpd
NVD GitHub
CVSS 3.1
8.8
EPSS
2.8%
CVE-2019-19458 HIGH POC This Week

SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Proaccess Space
NVD
CVSS 3.1
8.6
EPSS
2.8%
CVE-2019-5164 HIGH POC This Week

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation RCE Shadowsocks Libev Backports Sle +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-19382 HIGH POC This Week

Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Anti Virus Plus
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2019-5163 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Shadowsocks Libev Backports Leap
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2019-5097 HIGH POC THREAT This Week

A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Goahead
NVD
CVSS 3.1
7.5
EPSS
45.1%
CVE-2019-5133 HIGH This Week

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Imagegear
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2019-4130 HIGH PATCH This Week

IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload IBM RCE Cloud Pak System
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2019-19543 HIGH PATCH This Week

In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-7366 HIGH PATCH This Week

Buffer overflow vulnerability in Autodesk FBX Software Development Kit version 2019.5. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Fbx Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2019-7365 HIGH This Week

DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Autodesk Desktop
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-9689 HIGH This Week

process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Axtls
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-10013 HIGH This Week

The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Axtls
NVD
CVSS 3.1
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy