How severe is CVE-2019-10940?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.9 out of 10.

What type of vulnerability is CVE-2019-10940?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2019-10940

CRITICAL Year: 2019

CVSS v3 Score

9.9

Critical

CVSS v2 Score

9.0

Critical

Weakness Type

CWE-266

View all →

Vulnerability Description

A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. The security vulnerability could be exploited by an attacker with network access to the affected system. An attacker must have access to a low privileged account in order to exploit the vulnerability. An attacker could use the vulnerability to compromise confidentiality, integrity, and availability of the affected system and underlying components. At the time of advisory publication no public exploitation of this security vulnerability was known.

CVE-2025-26512

CRITICAL

CVSS:9.9(Critical)

SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter ...

CWE-2662025

CVE-2022-3458

CRITICAL

CVSS:9.8(Critical)

A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.p...

CWE-2662022

CVE-2022-3735

CRITICAL

CVSS:9.8(Critical)

A vulnerability was found in seccome Ehoney. It has been rated as critical. This issue affects some unknown processing of the file /api/public/signup. The manipulation leads to improper access control...

CWE-2662022

CVE-2022-3771

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipu...

CWE-2662022

CVE-2022-4232

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. Affected is an unknown function. The manipulation of the argument cmd leads to unrestricte...

CWE-2662022

CVE-2022-4272

CRITICAL

CVSS:9.8(Critical)

A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation ...

CWE-2662022

CVE-2019-10940

Vulnerability Description

Related Vulnerabilities

CVE-2025-26512

CVE-2022-3458

CVE-2022-3735

CVE-2022-3771

CVE-2022-4232

CVE-2022-4272