Skip to main content
CVE-2019-15810 MEDIUM PATCH This Month

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Netdisco
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-4109 MEDIUM This Month

IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Websphere Extreme Scale
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-14752 MEDIUM This Month

SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Suitecrm
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2019-13467 MEDIUM PATCH This Month

Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Ssd Dashboard
NVD
CVSS 3.1
5.9
EPSS
1.5%
CVE-2019-4115 MEDIUM This Month

IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Websphere Extreme Scale
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-4423 MEDIUM This Month

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Path Traversal Sterling File Gateway
NVD
CVSS 3.1
5.3
EPSS
2.7%
CVE-2019-4305 MEDIUM This Month

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2019-4280 MEDIUM This Month

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Sterling File Gateway
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2019-3733 MEDIUM This Month

RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Crypto C Micro Edition Rsa Bsafe Crypto C
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2019-4106 MEDIUM This Month

IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Websphere Extreme Scale
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2019-4112 LOW Monitor

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation IBM Websphere Extreme Scale
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2019-3729 LOW Monitor

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Bsafe Micro Edition Suite
NVD
CVSS 3.1
2.4
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy