Skip to main content
CVE-2019-10773 HIGH POC PATCH This Week

In Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Yarn
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2019-19731 HIGH POC THREAT This Week

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Microsoft RCE Roxy Fileman
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
11.6%
CVE-2019-19331 HIGH POC This Week

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Knot Resolver Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2019-18191 HIGH This Week

A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Deep Security As A Service
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2019-13533 HIGH This Week

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Plc Cj Firmware Plc Cs Firmware
NVD VulDB
CVSS 3.1
8.1
EPSS
0.3%
CVE-2019-14610 HIGH PATCH This Week

Improper access control in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware Nuc8I7Bek Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14608 HIGH PATCH This Week

Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Privilege Escalation Buffer Overflow Intel Nuc 8 Mainstream Game Kit Firmware Nuc 8 Mainstream Game Mini Computer Firmware +17
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14605 HIGH This Week

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all versions, may allow an authenticated user to potentially enable escalation of privilege via local attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Setup And Configuration Software Platform Discovery Utility
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14603 HIGH PATCH This Week

Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Quartus Prime
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14599 HIGH This Week

Unquoted service path in Control Center-I version 2.1.0.0 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Control Center I
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-14568 HIGH PATCH This Week

Improper permissions in the executable for Intel(R) RST before version 17.7.0.1006 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Rapid Storage Technology
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2019-0159 HIGH PATCH This Week

Insufficient memory protection in the Linux Administrative Tools for Intel(R) Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Administrative Tools For Intel Network Adapters
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2019-0134 HIGH This Week

Improper permissions in the Intel(R) Dynamic Platform and Thermal Framework v8.3.10208.5643 and before may allow an authenticated user to potentially execute code at an elevated level of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Dynamic Platform And Thermal Framework
NVD
CVSS 3.1
7.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy