Skip to main content
CVE-2019-12774 MEDIUM POC This Month

A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044_update_05032019-482 that could allow an unauthenticated threat actor to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Datagate Mk2 Firmware Storm 24 Firmware Pixelator Firmware E Streamer Mk2 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-12477 MEDIUM POC THREAT This Month

Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Stv Lc40Lt0020F Firmware
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
13.3%
CVE-2019-9084 MEDIUM POC This Month

In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Denial Of Service Hoteldruid
NVD
CVSS 3.0
4.9
EPSS
1.7%
CVE-2019-8283 MEDIUM This Month

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sentinel Ldk
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-3477 MEDIUM This Month

Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Solutions Business Manager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2019-2101 MEDIUM This Month

In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Information Disclosure Android Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2019-4070 MEDIUM This Month

IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Intelligent Operations Center Intelligent Operations Center For Emergency Management Water Operations For Waternamics
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-8282 MEDIUM This Month

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with www3.safenet-inc.com to obtain language packs. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sentinel Ldk
NVD
CVSS 3.1
5.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy