Skip to main content
CVE-2019-1010193 MEDIUM POC This Month

hisiphp 1.0.8 is affected by: Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hisiphp
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
CVE-2019-14250 MEDIUM POC This Month

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Binutils Ubuntu Linux Leap
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2019-14248 MEDIUM POC This Month

In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows a NULL pointer dereference in process_pragma, search_pragma_list, and nasm_set_limit when "%pragma limit" is mishandled. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Netwide Assembler
NVD
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-14247 MEDIUM POC This Month

The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Mpg321
NVD
CVSS 3.0
5.5
EPSS
1.4%
CVE-2019-3595 MEDIUM This Month

Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Command Injection Data Loss Prevention Endpoint
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2019-14249 MEDIUM PATCH This Month

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Libdwarf
NVD
CVSS 3.0
6.5
EPSS
2.7%
CVE-2019-3485 MEDIUM This Month

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arcsight Logger
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2019-3591 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ePO extension in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows unauthenticated. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Data Loss Prevention Endpoint
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2019-10992 MEDIUM PATCH This Month

Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Cnssoft Screeneditor
NVD
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-1010189 MEDIUM This Month

mgetty prior to version 1.2.1 is affected by: Infinite Loop. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mgetty
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-1010190 MEDIUM This Month

mgetty prior to 1.2.1 is affected by: out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Mgetty
NVD
CVSS 3.0
5.5
EPSS
0.8%
CVE-2019-10968 MEDIUM This Month

Philips Holter 2010 Plus, all versions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zymed Holter 2010
NVD
CVSS 3.1
4.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy