Skip to main content
CVE-2019-6468 HIGH This Week

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Bind
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2019-6467 HIGH This Week

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Bind
NVD
CVSS 3.1
7.5
EPSS
5.4%
CVE-2019-17128 HIGH This Week

Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in the redirect parameters and parameter name of the login page through a GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Omnicenter
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-15226 HIGH PATCH This Week

Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Envoy
NVD GitHub
CVSS 3.1
7.5
EPSS
65.4%
CVE-2019-0054 HIGH This Week

An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2019-0073 HIGH This Week

The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
7.1
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy