Skip to main content
CVE-2019-4237 MEDIUM This Month

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Infosphere Information Server Infosphere Information Governance Catalog Infosphere Information Server On Cloud
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-7277 MEDIUM This Month

Optergy Proton/Enterprise devices allow Unauthenticated Internal Network Information Disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Enterprise Proton
NVD
CVSS 3.0
5.3
EPSS
1.9%
CVE-2019-4337 MEDIUM PATCH This Month

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass IBM Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2019-12781 MEDIUM PATCH This Month

An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Django Ubuntu Linux Debian Linux
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2019-4295 MEDIUM PATCH This Month

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Hashicorp Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2019-3962 LOW Monitor

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Nessus
NVD
CVSS 3.0
3.3
EPSS
1.0%
CVE-2019-4296 LOW PATCH Monitor

IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

IBM Information Disclosure Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.1
3.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy