Skip to main content
CVE-2019-10998 MEDIUM This Month

An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Axc F 2152 Firmware Axc F 2152 Starterkit Firmware
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2019-12875 MEDIUM PATCH This Month

Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Abuild
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2019-12592 MEDIUM This Month

A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Google Web Clipper
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-6965 MEDIUM POC This Month

An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP I Doit
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
2.5%
CVE-2019-12823 MEDIUM PATCH This Month

Craft CMS before 3.1.31 does not properly filter XML feeds and thus allowing XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Craft Cms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy