Skip to main content
CVE-2019-16935 MEDIUM POC This Month

The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Python Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
4.7%
CVE-2019-16926 MEDIUM POC This Month

Flower 0.9.3 has XSS via a crafted worker name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Flower
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-16925 MEDIUM POC This Month

Flower 0.9.3 has XSS via the name parameter in an @app.task call. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Flower
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2019-16930 MEDIUM PATCH This Month

Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a full node that owns a shielded address, related to mishandling of exceptions during deserialization of note plaintexts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Deserialization Zcash
NVD GitHub
CVSS 3.1
5.3
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy