Skip to main content
CVE-2019-5519 MEDIUM This Month

VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

VMware Information Disclosure Fusion Workstation ESXi
NVD
CVSS 3.0
6.8
EPSS
1.0%
CVE-2019-5518 MEDIUM This Month

VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow VMware Information Disclosure Fusion Workstation +1
NVD
CVSS 3.0
6.8
EPSS
0.8%
CVE-2019-1002100 MEDIUM PATCH This Month

In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Kubernetes Openshift Container Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
10.6%
CVE-2019-3876 MEDIUM This Month

A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Openshift Container Platform
NVD
CVSS 3.1
6.3
EPSS
0.7%
CVE-2019-5888 MEDIUM This Month

Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Geocall
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-1002101 MEDIUM PATCH This Month

The kubectl cp command allows copying files between containers and the user machine. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Kubernetes Openshift Container Platform
NVD GitHub
CVSS 3.0
5.5
EPSS
13.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy