Skip to main content
CVE-2019-6292 MEDIUM POC This Month

An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Yaml Cpp
NVD GitHub
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-6267 MEDIUM POC This Month

The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Easy Redirect Manager
NVD
CVSS 3.0
6.1
EPSS
1.4%
CVE-2019-6293 MEDIUM POC This Month

An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Flex
NVD GitHub
CVSS 3.0
5.5
EPSS
1.6%
CVE-2019-6291 MEDIUM POC This Month

An issue was discovered in the function expr6 in eval.c in Netwide Assembler (NASM) through 2.14.02. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netwide Assembler
NVD
CVSS 3.0
5.5
EPSS
1.3%
CVE-2019-6290 MEDIUM POC This Month

An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Netwide Assembler
NVD
CVSS 3.0
5.5
EPSS
1.3%
CVE-2019-0016 MEDIUM This Month

A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Space
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2019-0011 MEDIUM This Month

The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2019-3554 MEDIUM PATCH This Month

Wangle's AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Wangle
NVD GitHub
CVSS 3.0
5.9
EPSS
1.1%
CVE-2019-0003 MEDIUM This Month

When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs,. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
5.9
EPSS
2.0%
CVE-2019-0021 MEDIUM This Month

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information.0 versions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2019-0009 MEDIUM This Month

On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-0004 MEDIUM This Month

On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-0027 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in the Snort Rules configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-0026 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in the Zone configuration of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-0025 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in RADIUS configuration menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-0024 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in the Email Collectors menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2019-0023 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in the Golden VM menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2019-0018 MEDIUM PATCH This Month

A persistent cross-site scripting (XSS) vulnerability in the file upload menu of Juniper ATP may allow an authenticated user to inject arbitrary scripts and steal sensitive data and credentials from. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Juniper XSS File Upload Information Disclosure Advanced Threat Prevention
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2019-0015 MEDIUM This Month

A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2019-0005 MEDIUM This Month

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2019-3811 MEDIUM PATCH This Month

A vulnerability was found in sssd. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Sssd Debian Linux Fedora Leap +1
NVD
CVSS 3.1
5.2
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy