Skip to main content
CVE-2019-10875 MEDIUM POC This Month

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mi Browser Mint Browser
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2019-10873 MEDIUM POC This Month

An issue was discovered in Poppler 0.74.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Poppler
NVD
CVSS 3.0
6.5
EPSS
2.6%
CVE-2019-10871 MEDIUM POC This Month

An issue was discovered in Poppler 0.74.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Poppler
NVD
CVSS 3.0
6.5
EPSS
2.5%
CVE-2019-10887 MEDIUM POC This Month

A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Slc 20 Cube3 5
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
5.8%
CVE-2019-10876 MEDIUM PATCH This Month

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Neutron Openstack
NVD
CVSS 3.0
6.5
EPSS
1.8%
CVE-2019-10868 MEDIUM PATCH This Month

In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Trytond Debian Linux
NVD
CVSS 3.1
6.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy