Skip to main content
CVE-2019-6110 MEDIUM POC PATCH THREAT This Month

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SSH RCE Openssh Winscp Element Software +4
NVD Exploit-DB
CVSS 3.1
6.8
EPSS
20.9%
CVE-2019-7296 MEDIUM POC This Month

typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Typora
NVD GitHub
CVSS 3.0
6.1
EPSS
1.7%
CVE-2019-7295 MEDIUM POC This Month

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Typora
NVD GitHub
CVSS 3.0
6.1
EPSS
1.7%
CVE-2019-7250 MEDIUM POC This Month

An issue was discovered in the Cross Reference Add-on 36 for Google Docs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Google Cross Reference
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-7282 MEDIUM POC This Month

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Netkit Debian Linux Fedora
NVD
CVSS 3.1
5.9
EPSS
2.1%
CVE-2019-6111 MEDIUM POC PATCH THREAT This Month

An issue was discovered in OpenSSH 7.9. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

SSH Path Traversal Openssh Winscp Ubuntu Linux +16
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
58.2%
CVE-2019-6109 MEDIUM PATCH This Month

An issue was discovered in OpenSSH 7.9. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

SSH Information Disclosure Openssh Winscp Ubuntu Linux +17
NVD VulDB
CVSS 3.1
6.8
EPSS
9.7%
CVE-2019-4040 MEDIUM This Month

IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM
NVD
CVSS 3.1
6.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy