Skip to main content
CVE-2019-19918 HIGH POC This Week

Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Lout Backports Sle Fedora +1
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2019-19917 HIGH POC This Week

Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Lout Backports Sle Leap Fedora
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2019-16785 HIGH POC PATCH This Week

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Information Disclosure Waitress Communications Cloud Native Core Network Function Cloud Native Environment Debian Linux +2
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2019-15915 HIGH POC This Week

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCGQ01LM devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dgnwg03Lm Firmware Zncz03Lm Firmware Mccgq01Lm Firmware Rtcgq01Lm Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2019-15914 HIGH POC This Week

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dgnwg03Lm Firmware Zncz03Lm Firmware Mccgq01Lm Firmware Wsdcgq01Lm Firmware +1
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-15912 HIGH POC This Week

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hg100 Firmware Mw100 Firmware Ws 101 Firmware Ts 101 Firmware +3
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-15910 HIGH POC This Week

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hg100 Firmware Mw100 Firmware Ws 101 Firmware Ts 101 Firmware +3
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2019-19231 HIGH This Week

An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Ca Client Automation
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-16786 HIGH PATCH This Week

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Waitress Communications Cloud Native Core Network Function Cloud Native Environment Debian Linux +2
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-19693 HIGH This Week

The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Antivirus Security 2020 Internet Security 2020 Maximum Security 2020 +1
NVD
CVSS 3.1
7.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy