Skip to main content
CVE-2019-12922 MEDIUM POC PATCH THREAT This Month

A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Phpmyadmin Fedora
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
10.2%
CVE-2019-12517 MEDIUM POC This Month

An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Slickquiz
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-16289 MEDIUM POC This Month

The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Woody Ad Snippets
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2019-15031 MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Ubuntu Linux Leap +1
NVD
CVSS 3.1
4.4
EPSS
0.6%
CVE-2019-15030 MEDIUM POC PATCH This Month

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Linux Linux Kernel Ubuntu Linux Leap +1
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2019-3646 MEDIUM This Month

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft RCE Total Protection
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2019-5314 MEDIUM This Month

Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arubaos
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-13920 MEDIUM PATCH This Month

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Sinema Remote Connect Server
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2019-13919 MEDIUM PATCH This Month

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Sinema Remote Connect Server
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy