Skip to main content
CVE-2019-11472 MEDIUM POC PATCH This Month

ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
3.4%
CVE-2019-11470 MEDIUM POC PATCH This Month

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
3.6%
CVE-2019-2557 MEDIUM POC PATCH This Month

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Oracle Application Testing Suite
NVD GitHub
CVSS 3.0
6.3
EPSS
5.5%
CVE-2019-11463 MEDIUM POC PATCH This Month

A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libarchive
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
CVE-2019-2588 MEDIUM POC PATCH THREAT This Month

Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Oracle Business Intelligence Publisher
NVD Exploit-DB
CVSS 3.0
4.9
EPSS
37.1%
CVE-2019-2579 MEDIUM POC PATCH This Month

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.0
4.3
EPSS
6.1%
CVE-2019-10688 MEDIUM This Month

VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Unified Communications Software Better Together Over Ethernet Connector
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2019-2594 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Application Server). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.8
EPSS
1.1%
CVE-2019-2571 MEDIUM PATCH This Month

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Information Disclosure Oracle Database Server
NVD
CVSS 3.0
6.6
EPSS
1.1%
CVE-2019-2713 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce (subcomponent: Asset Manager). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Commerce Merchandising
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2019-2695 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2694 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2693 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2019-2678 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-2613 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2612 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2611 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2019-2610 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-2609 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2019-2574 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Authentication Bypass Oracle Vm Virtualbox
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2019-11474 MEDIUM PATCH This Month

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Graphicsmagick Fedora Debian Linux Ubuntu Linux +2
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2019-11473 MEDIUM PATCH This Month

coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Information Disclosure Graphicsmagick
NVD
CVSS 3.0
6.5
EPSS
2.4%
CVE-2019-2692 MEDIUM PATCH This Month

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Rated medium severity (CVSS 6.3).

Information Disclosure Oracle Mysql Connector J
NVD
CVSS 3.0
6.3
EPSS
0.5%
CVE-2019-2719 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: Web Applications (InfoCenter)). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-2712 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Commerce Platform
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-2709 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-2707 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management component of Oracle PeopleSoft Products (subcomponent: Application Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Learning Management
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-2659 MEDIUM PATCH This Month

Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Commerce Platform
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-2637 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-2591 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HRMS component of Oracle PeopleSoft Products (subcomponent: Candidate Gateway). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Human Capital Management Candidate Gateway
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-10864 MEDIUM PATCH This Month

The WP Statistics plugin through 12.6.2 for WordPress has XSS, allowing a remote attacker to inject arbitrary web script or HTML via the Referer header of a GET request. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Wp Statistics
NVD GitHub
CVSS 3.0
6.1
EPSS
1.4%
CVE-2019-2684 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Java Oracle Jdk Jre +15
NVD
CVSS 3.1
5.9
EPSS
37.6%
CVE-2019-2618 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
5.5
EPSS
33.4%
CVE-2019-2629 MEDIUM PATCH This Month

Vulnerability in the Oracle Health Sciences Data Management Workbench component of Oracle Health Sciences Applications (subcomponent: User Interface). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Health Sciences Data Management Workbench
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2019-2597 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Peoplesoft Enterprise Peopletools
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2019-2704 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: IPS Package Manager). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Solaris
NVD
CVSS 3.0
5.3
EPSS
1.4%
CVE-2019-2623 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
5.3
EPSS
1.9%
CVE-2019-2582 MEDIUM PATCH This Month

Vulnerability in the Core RDBMS component of Oracle Database Server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Database Server
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2019-2576 MEDIUM PATCH This Month

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Container). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Service Bus
NVD
CVSS 3.0
5.3
EPSS
1.5%
CVE-2019-2575 MEDIUM PATCH This Month

Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite (subcomponent: Format Handling - 2D). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Autovue 3D Professional Advanced
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2019-2572 MEDIUM PATCH This Month

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Soa Suite
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2019-2634 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Rated medium severity (CVSS 5.1), this vulnerability is no authentication required.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
5.1
EPSS
0.4%
CVE-2019-2568 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Weblogic Server
NVD
CVSS 3.0
5.0
EPSS
0.8%
CVE-2019-2691 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2689 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2688 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2687 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2686 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2685 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Software Collections Enterprise Linux +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2019-2683 MEDIUM PATCH This Month

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Software Collections +4
NVD
CVSS 3.1
4.9
EPSS
2.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy