Skip to main content
CVE-2019-12813 MEDIUM POC This Month

An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Reader v24. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Digital Persona U Are U 4500 Firmware
NVD GitHub
CVSS 3.0
5.9
EPSS
1.1%
CVE-2019-11129 MEDIUM PATCH This Month

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +3
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11128 MEDIUM PATCH This Month

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel Information Disclosure Nuc Kit Firmware +2
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11127 MEDIUM PATCH This Month

Buffer overflow in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +3
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11126 MEDIUM PATCH This Month

Pointer corruption in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +3
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11125 MEDIUM PATCH This Month

Insufficient input validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel Information Disclosure Nuc Kit Firmware +2
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11124 MEDIUM PATCH This Month

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Privilege Escalation Buffer Overflow Intel +3
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-11123 MEDIUM PATCH This Month

Insufficient session validation in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Intel Information Disclosure Nuc Kit Firmware +2
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2019-0181 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2019-5439 MEDIUM This Month

A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Vlc Media Player
NVD
CVSS 3.0
6.5
EPSS
5.3%
CVE-2019-5286 MEDIUM This Month

There is a reflection XSS vulnerability in the HedEx products. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Hedex Lite
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2019-0157 MEDIUM This Month

Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Software Guard Extensions Software Guard Extensions Data Center Attestation Primitives
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2019-10962 MEDIUM This Month

BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Alaris Gateway Workstation Firmware
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2019-5245 MEDIUM This Month

HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Hisuite
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2019-11092 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0180 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0179 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0177 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-0175 MEDIUM This Month

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Open Cloud Integrity Tehnology Openattestation
NVD
CVSS 3.1
4.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy