Skip to main content
CVE-2019-10685 MEDIUM POC This Month

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Prinect Archiver
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
2.3%
CVE-2019-11604 MEDIUM POC This Month

An issue was discovered in Quest KACE Systems Management Appliance before 9.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kace Systems Management Appliance
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2019-11876 MEDIUM POC PATCH This Month

In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Prestashop Drupal
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-7090 MEDIUM This Month

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Microsoft Information Disclosure Flash Player Desktop Runtime +1
NVD
CVSS 3.0
6.5
EPSS
4.8%
CVE-2019-7075 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Adobe RCE Memory Corruption Use After Free +2
NVD
CVSS 3.0
6.5
EPSS
4.0%
CVE-2019-7074 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
6.5
EPSS
2.9%
CVE-2019-7073 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
6.5
EPSS
2.9%
CVE-2019-7071 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
6.5
EPSS
2.9%
CVE-2019-7049 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
6.5
EPSS
2.5%
CVE-2019-7045 MEDIUM PATCH This Month

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2019-2726 MEDIUM PATCH This Month

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable.

Denial Of Service Oracle Enterprise Manager Ops Center
NVD
CVSS 3.0
6.3
EPSS
1.0%
CVE-2019-7092 MEDIUM This Month

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Information Disclosure Coldfusion
NVD
CVSS 3.0
6.1
EPSS
2.4%
CVE-2019-8346 MEDIUM This Month

In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zoho Manageengine Adselfservice Plus
NVD
CVSS 3.0
6.1
EPSS
3.5%
CVE-2019-12315 MEDIUM This Month

Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Samsung Scx 824 Firmware
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-12313 MEDIUM PATCH This Month

XSS exists in Shave before 2.5.3 because output encoding is mishandled during the overwrite of an HTML element. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Shave
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2019-10848 MEDIUM POC This Month

Computrols CBAS 18.0.0 allows Username Enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Computrols Building Automation Software
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
8.5%
CVE-2019-12195 MEDIUM POC This Month

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link XSS Tl Wr840N Firmware
NVD Exploit-DB
CVSS 3.0
4.8
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy