Skip to main content
CVE-2019-6595 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Big Ip Access Policy Manager
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-9168 MEDIUM PATCH This Month

WooCommerce before 3.5.5 allows XSS via a Photoswipe caption. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Woocommerce
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-9191 MEDIUM This Month

The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Enterprise Transport Security
NVD
CVSS 3.0
5.9
EPSS
1.5%
CVE-2019-6594 MEDIUM This Month

On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Big Ip Access Policy Manager Big Ip Local Traffic Manager Big Ip Advanced Firewall Manager Big Ip Analytics +8
NVD
CVSS 3.0
5.9
EPSS
1.0%
CVE-2019-6593 MEDIUM This Month

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Local Traffic Manager Big Ip Advanced Firewall Manager Big Ip Analytics +8
NVD
CVSS 3.0
5.9
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy