Skip to main content
CVE-2019-13147 MEDIUM POC This Month

In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Audiofile Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.9%
CVE-2019-7255 MEDIUM POC THREAT This Month

Linear eMerge E3-Series devices allow XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Linear Emerge Essential Firmware Linear Emerge Elite Firmware
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
55.8%
CVE-2019-10975 MEDIUM PATCH This Month

An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Alpha7 Pc Loader Firmware
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2019-13175 MEDIUM This Month

Read the Docs before 3.5.1 has an Open Redirect if certain user-defined redirects are used. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Read The Docs
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-4134 MEDIUM This Month

IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Planning Analytics
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-4260 MEDIUM PATCH This Month

IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5 could allow an unauthorized user to download server files resulting in sensitive information disclosure. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Daeja Viewone
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2019-4129 MEDIUM This Month

IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to obtain sensitive information, caused by an error message containing a stack trace. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Operations Center
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2019-10136 MEDIUM This Month

It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Satellite Spacewalk
NVD
CVSS 3.0
4.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy