Lucene search
K
Cve0dayMost viewed

14 matches found

CVE0DAY
CVE0DAY
added 2019/03/07 2:6 p.m.283 views

Drupal CVE-2019-6340 Remote Code Execution EXP

Description This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also...

6.8CVSS0.9AI score0.91919EPSS
Exploits22
CVE0DAY
CVE0DAY
added 2019/03/07 1:55 p.m.243 views

Cisco Routers CVE-2019-1663 Remote Command Execution

Description A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device...

10CVSS2.8AI score0.95707EPSS
Exploits15
CVE0DAY
CVE0DAY
added 2019/03/04 1:13 p.m.181 views

Google Chrome CVE-2019-5786 Arbitrary Code Execution

Description Google Chrome is prone to an arbitrary code execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the browser, Failed attempts will likely cause a denial-of-service condition. Google Chrome versions prior to 72.0.3626.121 are vulnerable...

5.2AI score0.61537EPSS
Exploits10
CVE0DAY
CVE0DAY
added 2019/03/06 2:7 p.m.154 views

Windows SMB Server CVE-2019-0630 RCE

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Mitigations Microsoft has not identified any mitigating factors for...

9CVSS9.3AI score0.17843EPSS
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/06 1:41 p.m.133 views

Linux Kernel CVE-2019-9213 NULL Dereferences

By following the codepath that Andrea Arcangeli pointed out in his mails regarding the last bug I reported, I noticed that it is possible for userspace on a normal distro to map virtual address 0, which on an X86 system without SMAP enables the exploitation of kernel NULL pointer dereferences. Th...

4.9CVSS6.6AI score0.05667EPSS
Exploits6
CVE0DAY
CVE0DAY
added 2019/03/07 1:36 p.m.105 views

WordPress Quiz And Survey Master plugin CVE-2019-9575

Description The Quiz And Survey Master WordPress plugin is vulnerable to reflected XSS as it echoes the quizid parameter without proper encoding. Successful exploitation allows an attacker to execute JavaScript in the context of the application in the name of an attacked user. This in turn enable...

4.3CVSS0.2AI score0.01608EPSS
Exploits2
CVE0DAY
CVE0DAY
added 2019/03/07 1:41 p.m.91 views

WordPress Blog2Social plugin CVE-2019-9576 XSS

Description The Blog2Social WordPress plugin is vulnerable to reflected XSS as it echoes the b2supdatepublishdate parameter without proper encoding. Successful exploitation allows an attacker to execute JavaScript in the context of the application in the name of an attacked user. This in turn...

4.3CVSS0.3AI score0.01408EPSS
Exploits2
CVE0DAY
CVE0DAY
added 2019/03/04 1:9 p.m.71 views

Adobe ColdFusion CVE-2019-7816 Arbitrary File Upload

Description Adobe ColdFusion is prone to an arbitrary file-upload vulnerability. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. The following versions are affecte...

4.1AI score0.67091EPSS
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/06 1:48 p.m.63 views

Visual Studio CVE-2019-0728 Remote Code Execution

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Mitigations Microsoft has not...

9.3CVSS4.5AI score0.27705EPSS
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/04 1:16 p.m.57 views

Mozilla Firefox CVE-2018-18511 Information Disclosure

Description Mozilla Firefox is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose sensitive information that may aid in further attacks. This issue has been fixed in: Firefox 65.0.1 Mozilla Firefox CVE-2018-18511 Information Disclosure最先出现在CVE 0day。...

3AI score0.01622EPSS
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/05 1:56 p.m.54 views

WordPress Forminator Plugin CVE-2019-9567

Description Custom fields of a poll are not properly encoded when showing results of a poll, leading to persistent XSS. Successful exploitation allows an unauthenticated attacker to execute JavaScript in the context of the application in the name of an attacked user. This in turn enables an...

4.3CVSS0.4AI score0.01323EPSS
Exploits1
CVE0DAY
CVE0DAY
added 2019/03/05 1:50 p.m.54 views

WordPress Forminator Plugin CVE-2019-9568

Description The action of deleting submissions is vulnerable to blind SQL injection. An attacker can exploit this to extract data from the database. An account with the permission to delete submissions is required. Proof of Concept View submissions, eg at...

4CVSS0.9AI score0.01574EPSS
Exploits1
CVE0DAY
CVE0DAY
added 2019/03/05 2:0 p.m.53 views

Apple CVE-2019-6235 Memory Corruption

Description Apple iTunes/macOS/tvOS/watchOS/iOS are prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code with system privileges. Failed exploit attempts will likely result in denial-of-service conditions. Apple CVE-2019-6235 Memory...

7.5CVSS3.7AI score0.02099EPSS
Exploits0
CVE0DAY
CVE0DAY
added 2019/03/06 2:0 p.m.45 views

Xpdf CVE-2019-9589 NULL Pointer Dereference

Product Details Xpdf is a free PDF viewer and toolkit, including a text extractor, image converter, HTML converter, and more. Most of the tools are available as open source. URL: Vulnerable Versions 4.01 Description There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources...

6.8CVSS0.6AI score0.01198EPSS
Exploits1