Skip to main content
CVE-2019-19967 HIGH POC This Week

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Connect Box Eurodocsis Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2019-19965 MEDIUM POC This Month

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Linux Linux Kernel Debian Linux +14
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2019-19966 MEDIUM POC This Month

In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Use After Free Linux Memory Corruption Linux Kernel +12
NVD
CVSS 3.1
4.6
EPSS
0.6%
CVE-2019-19962 HIGH PATCH This Week

wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in RSA cryptography. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Jwt Attack Wolfssl
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2019-19963 MEDIUM PATCH This Month

An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wolfssl
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-19960 MEDIUM PATCH This Month

In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wolfssl
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy