Skip to main content
CVE-2018-19432 MEDIUM POC This Month

An issue was discovered in libsndfile 1.0.28. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libsndfile Debian Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
3.0%
CVE-2018-19433 MEDIUM POC This Month

ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php mishandles the $cur_lang value. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Showdoc
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-19443 MEDIUM PATCH This Month

The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Session Fixation Information Disclosure Tryton
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-19464 MEDIUM This Month

Discuz!. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Discuz
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy