Skip to main content
CVE-2019-9735 MEDIUM POC PATCH This Month

An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Neutron Openstack Debian Linux
NVD
CVSS 3.0
6.5
EPSS
3.6%
CVE-2019-9741 MEDIUM POC This Month

An issue was discovered in net/http in Go 1.11.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Redis Code Injection Go Debian Linux Fedora +2
NVD GitHub
CVSS 3.1
6.1
EPSS
2.3%
CVE-2019-9740 MEDIUM POC This Month

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Redis Code Injection Python
NVD
CVSS 3.1
6.1
EPSS
5.3%
CVE-2019-9738 MEDIUM POC This Month

jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gopher
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-9737 MEDIUM POC This Month

Editor.md 1.5.0 has DOM-based XSS via vectors involving the '<EMBED SRC="data:image/svg+xml' substring. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Editor Md
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-9736 MEDIUM POC This Month

DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving the '<EMBED SRC="data:image/svg+xml' substring. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 1024Tools
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-9754 MEDIUM POC This Month

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Tinycc
NVD
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-6600 MEDIUM This Month

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Big Ip Local Traffic Manager Big Ip Application Acceleration Manager Big Ip Advanced Firewall Manager Big Ip Analytics +9
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-6599 MEDIUM This Month

In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1.1, improper escaping of values in an undisclosed page of the configuration utility may result with an improper handling on the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Big Ip Access Policy Manager
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-6601 MEDIUM This Month

In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application Acceleration Manager (AAM) wamd process used in processing of images and PDFs fails to drop group permissions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Big Ip Application Acceleration Manager
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2019-3715 MEDIUM This Month

RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Archer Grc Platform
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2019-9752 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs Backports Sle Leap
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2019-9751 MEDIUM PATCH This Month

An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Otrs
NVD
CVSS 3.0
4.8
EPSS
0.8%
CVE-2019-6598 MEDIUM This Month

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11.6.3.2, or 11.5.1-11.5.8 or Enterprise Manager 3.1.1, malformed requests to the Traffic Management User Interface (TMUI), also. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Local Traffic Manager Big Ip Application Acceleration Manager Big Ip Advanced Firewall Manager Big Ip Analytics +10
NVD
CVSS 3.0
4.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy