Skip to main content
CVE-2019-19726 HIGH POC PATCH Act Now

OpenBSD through 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Openbsd
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
3.5%
CVE-2019-15934 HIGH POC This Week

Intesync Solismed 3.3sp has CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Solismed
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2019-19770 HIGH POC This Week

In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
8.2
EPSS
2.4%
CVE-2019-17358 HIGH POC This Week

Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Buffer Overflow Deserialization Cacti Debian Linux +1
NVD GitHub
CVSS 3.1
8.1
EPSS
3.0%
CVE-2019-18307 HIGH POC This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18305 HIGH POC This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18304 HIGH POC This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18292 HIGH POC This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-5144 HIGH This Week

An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Kakadu Software
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2019-19771 HIGH MAL This Week

The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Information Disclosure Lodahs
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2019-18288 HIGH This Week

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload RCE Sppa T3000 Application Server
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2019-5154 HIGH This Week

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE Leadtools
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2019-5092 HIGH This Week

An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Leadtools
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2019-13930 HIGH This Week

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Xhq
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2019-10494 HIGH PATCH This Week

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +38
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2019-18309 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18308 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-18297 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-4606 HIGH This Week

IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a local attacker to execute arbitrary code on the system, caused by an untrusted search path vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM RCE Db2 High Performance Unload Load
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-19248 HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-19247 HIGH This Week

Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Origin
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-2321 HIGH This Week

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2319 HIGH This Week

HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Mdm9205 Firmware Qcs404 Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2288 HIGH This Week

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10592 HIGH This Week

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8017 Firmware Apq8053 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10571 HIGH PATCH This Week

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware Apq8053 Firmware Apq8096Au Firmware +38
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10555 HIGH PATCH This Week

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware Apq8053 Firmware Apq8096Au Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10530 HIGH PATCH This Week

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Qualcomm Buffer Overflow Mdm9150 Firmware Mdm9206 Firmware +34
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-18338 HIGH This Week

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Sinvr 3 Central Control Server Sinvr 3 Video Server
NVD
CVSS 3.1
7.7
EPSS
2.6%
CVE-2019-12420 HIGH This Week

In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apache Spamassassin Debian Linux
NVD
CVSS 3.1
7.5
EPSS
7.2%
CVE-2019-19768 HIGH This Week

In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Linux Information Disclosure Memory Corruption Linux Kernel
NVD
CVSS 3.1
7.5
EPSS
4.2%
CVE-2019-19766 HIGH This Week

The Bitwarden server through 1.32.0 has a potentially unwanted KDF. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-18320 HIGH This Week

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Application Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18319 HIGH This Week

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Application Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18318 HIGH This Week

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Application Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18317 HIGH This Week

A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sppa T3000 Application Server
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-18311 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-18310 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-18306 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18303 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18302 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18301 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18300 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18299 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18298 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18294 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18291 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-18290 HIGH This Week

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Sppa T3000 Ms3000 Migration Server
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-13942 HIGH This Week

A vulnerability has been identified in EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module IEC104 variant (All. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow En100 Ethernet Module With Firmware Variant Dnp3 Tcp En100 Ethernet Module With Firmware Variant Iec 61850 En100 Ethernet Module With Firmware Variant Iec104 En100 Ethernet Module With Firmware Variant Modbus Tcp +1
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2019-2337 HIGH This Week

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8053 Firmware Apq8096Au Firmware +46
NVD
CVSS 3.1
7.5
EPSS
0.7%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy