Skip to main content
CVE-2019-10110 MEDIUM POC This Month

An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2019-1010258 MEDIUM POC This Month

nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Nanosvg
NVD GitHub
CVSS 3.0
6.5
EPSS
1.8%
CVE-2019-10111 MEDIUM POC This Month

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Gitlab
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2019-10108 MEDIUM POC This Month

An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Gitlab
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2019-10109 MEDIUM POC This Month

An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.0
5.3
EPSS
2.0%
CVE-2019-1813 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-1812 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-1811 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-1810 MEDIUM This Month

A vulnerability in the Image Signature Verification feature used in an NX-OS CLI command in Cisco Nexus 3000 Series and 9000 Series Switches could allow an authenticated, local attacker with. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-1809 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Jwt Attack Cisco Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2019-1795 MEDIUM This Month

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os Firepower Extensible Operating System
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1791 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1790 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1784 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1783 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1782 MEDIUM This Month

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os Fx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1781 MEDIUM This Month

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os Fx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1779 MEDIUM This Month

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Firepower Extensible Operating System Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-1778 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1776 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1775 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1774 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1770 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Ns Ox
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-1769 MEDIUM This Month

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2019-1767 MEDIUM This Month

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.9%
CVE-2019-1730 MEDIUM This Month

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2019-1728 MEDIUM This Month

A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.0
6.7
EPSS
0.3%
CVE-2019-1727 MEDIUM This Month

A vulnerability in the Python scripting subsystem of Cisco NX-OS Software could allow an authenticated, local attacker to escape the Python parser and issue arbitrary commands to elevate the. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Python Nx Os
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2019-3727 MEDIUM This Month

Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Command Injection Emc Recoverpoint Recoverpoint For Virtual Machines
NVD
CVSS 3.0
6.7
EPSS
0.7%
CVE-2019-1732 MEDIUM This Month

A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to leverage a time-of-check,. Rated medium severity (CVSS 6.4). No vendor patch available.

Cisco Command Injection Nx Os
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2019-1729 MEDIUM This Month

A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2019-11833 MEDIUM PATCH This Month

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Linux Information Disclosure Linux Kernel Fedora Debian Linux +12
NVD GitHub
CVSS 3.1
5.5
EPSS
0.6%
CVE-2019-1733 MEDIUM This Month

A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Nx Os
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2019-3602 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Network Security Manager
NVD
CVSS 3.0
4.8
EPSS
0.6%
CVE-2019-1808 MEDIUM This Month

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Jwt Attack Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-1731 MEDIUM This Month

A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Nx Os
NVD
CVSS 3.1
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy