Skip to main content
CVE-2019-8335 MEDIUM POC This Month

An issue was discovered in SchoolCMS 2.3.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Schoolcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-8334 MEDIUM POC This Month

An issue was discovered in SchoolCMS 2.3.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Schoolcms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-5915 MEDIUM PATCH This Month

Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Openam
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-3610 MEDIUM This Month

Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure True Key
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2019-8337 MEDIUM PATCH This Month

In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mpop Msmtp
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2019-5914 MEDIUM This Month

V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Null Pointer Dereference Denial Of Service V20 Pro L 01J Firmware
NVD
CVSS 3.0
5.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy