Skip to main content
CVE-2019-14295 MEDIUM POC This Month

An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Upx
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2019-14294 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-14293 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-14292 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
1.1%
CVE-2019-14291 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
0.9%
CVE-2019-14290 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-14289 MEDIUM POC This Month

An issue was discovered in Xpdf 4.01.01. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Xpdfreader
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2019-14298 MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(config) field to addDashboard or editDashboard in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-14297 MEDIUM POC This Month

Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with a crafted Caption field to setDashboardWidget in CommonDataHandlerReadOnly.ashx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS One Reporter
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
0.7%
CVE-2019-14286 MEDIUM PATCH This Month

In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnerability exists in the event-graph view when a user toggles the event graph view. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misp
NVD GitHub VulDB
CVSS 3.0
6.1
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy