Skip to main content
CVE-2019-10769 CRITICAL POC Act Now

safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Node.js RCE Safer Eval
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2019-5544 CRITICAL POC KEV PATCH THREAT Act Now

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow VMware Memory Corruption Horizon Daas ESXi +14
NVD
CVSS 3.1
9.8
EPSS
96.8%
CVE-2019-18671 CRITICAL PATCH Act Now

Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Keepkey Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2019-16674 CRITICAL Act Now

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ie Sw Pl09M 5Gc 4Gt Firmware Ie Sw Pl09Mt 5Gc 4Gt Firmware Ie Sw Pl18M 2Gc 16Tx Firmware Ie Sw Pl18Mt 2Gc 16Tx Firmware +36
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-16672 CRITICAL Act Now

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ie Sw Pl09M 5Gc 4Gt Firmware Ie Sw Pl09Mt 5Gc 4Gt Firmware Ie Sw Pl18M 2Gc 16Tx Firmware Ie Sw Pl18Mt 2Gc 16Tx Firmware +36
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2019-16670 CRITICAL Act Now

An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ie Sw Pl09M 5Gc 4Gt Firmware Ie Sw Pl09Mt 5Gc 4Gt Firmware Ie Sw Pl18M 2Gc 16Tx Firmware Ie Sw Pl18Mt 2Gc 16Tx Firmware +36
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2019-19334 CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow RCE Libyang +2
NVD GitHub
CVSS 3.1
9.8
EPSS
3.9%
CVE-2019-19333 CRITICAL PATCH Act Now

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Stack Overflow RCE Libyang +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.6%
CVE-2019-19617 CRITICAL PATCH Act Now

phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Phpmyadmin Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy